SUSE Security Update: Security update for freetype2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0483-2 Rating: important References: #750937 #750938 #750939 #750940 #750941 #750943 #750945 #750946 #750947 #750948 #750949 #750950 #750951 #750952 #750953 #750955 Cross-References: CVE-2012-1126 CVE-2012-1127 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 Affected Products: SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that fixes 16 vulnerabilities is now available. Description: Specially crafted font files could have caused buffer overflows in freetype, which could be exploited for remote code execution. Security Issue references: * CVE-2012-1129 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1129
* CVE-2012-1127 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1127
* CVE-2012-1138 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1138
* CVE-2012-1131 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1131
* CVE-2012-1141 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1141
* CVE-2012-1132 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1132
* CVE-2012-1139 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1139
* CVE-2012-1137 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137
* CVE-2012-1126 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1126
* CVE-2012-1142 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1142
* CVE-2012-1130 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1130
* CVE-2012-1136 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1136
* CVE-2012-1143 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1143
* CVE-2012-1133 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1133
* CVE-2012-1135 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1135
* CVE-2012-1134 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1134
Package List: - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64): freetype2-2.1.10-18.29.17 freetype2-devel-2.1.10-18.29.17 ft2demos-2.1.10-19.29.7 - SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64): freetype2-32bit-2.1.10-18.29.17 freetype2-devel-32bit-2.1.10-18.29.17 References: http://support.novell.com/security/cve/CVE-2012-1126.html http://support.novell.com/security/cve/CVE-2012-1127.html http://support.novell.com/security/cve/CVE-2012-1129.html http://support.novell.com/security/cve/CVE-2012-1130.html http://support.novell.com/security/cve/CVE-2012-1131.html http://support.novell.com/security/cve/CVE-2012-1132.html http://support.novell.com/security/cve/CVE-2012-1133.html http://support.novell.com/security/cve/CVE-2012-1134.html http://support.novell.com/security/cve/CVE-2012-1135.html http://support.novell.com/security/cve/CVE-2012-1136.html http://support.novell.com/security/cve/CVE-2012-1137.html http://support.novell.com/security/cve/CVE-2012-1138.html http://support.novell.com/security/cve/CVE-2012-1139.html http://support.novell.com/security/cve/CVE-2012-1141.html http://support.novell.com/security/cve/CVE-2012-1142.html http://support.novell.com/security/cve/CVE-2012-1143.html https://bugzilla.novell.com/750937 https://bugzilla.novell.com/750938 https://bugzilla.novell.com/750939 https://bugzilla.novell.com/750940 https://bugzilla.novell.com/750941 https://bugzilla.novell.com/750943 https://bugzilla.novell.com/750945 https://bugzilla.novell.com/750946 https://bugzilla.novell.com/750947 https://bugzilla.novell.com/750948 https://bugzilla.novell.com/750949 https://bugzilla.novell.com/750950 https://bugzilla.novell.com/750951 https://bugzilla.novell.com/750952 https://bugzilla.novell.com/750953 https://bugzilla.novell.com/750955 http://download.novell.com/patch/finder/?keywords=79a084c6d12b368701383076de... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org