[security-announce] SUSE-SU-2012:0484-1: important: Security update for freetype2

SUSE Security Update: Security update for freetype2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0484-1 Rating: important References: #750937 #750938 #750939 #750940 #750941 #750942 #750943 #750944 #750945 #750946 #750947 #750948 #750949 #750950 #750951 #750952 #750953 #750954 #750955 Cross-References: CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes 19 vulnerabilities is now available. Description: Specially crafted font files could have caused buffer overflows in freetype. This has been fixed. Security Issue references: * CVE-2012-1129 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1129

* CVE-2012-1127 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1127

* CVE-2012-1140 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1140

* CVE-2012-1138 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1138

* CVE-2012-1131 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1131

* CVE-2012-1141 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1141

* CVE-2012-1132 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1132

* CVE-2012-1139 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1139

* CVE-2012-1137 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137

* CVE-2012-1126 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1126

* CVE-2012-1142 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1142

* CVE-2012-1128 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1128

* CVE-2012-1130 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1130

* CVE-2012-1136 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1136

* CVE-2012-1143 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1143

* CVE-2012-1133 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1133

* CVE-2012-1135 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1135

* CVE-2012-1144 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1144

* CVE-2012-1134 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1134

Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-freetype2-6052 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-freetype2-6052 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-freetype2-6052 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-freetype2-6052 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-freetype2-6052 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-freetype2-6052 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-freetype2-6052 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): freetype2-devel-2.3.7-25.30.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): freetype2-devel-32bit-2.3.7-25.30.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): freetype2-devel-2.3.7-25.30.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64): freetype2-devel-32bit-2.3.7-25.30.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): freetype2-2.3.7-25.30.1 ft2demos-2.3.7-25.30.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): freetype2-32bit-2.3.7-25.30.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): freetype2-x86-2.3.7-25.30.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): freetype2-2.3.7-25.30.1 ft2demos-2.3.7-25.30.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): freetype2-32bit-2.3.7-25.30.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): freetype2-2.3.7-25.30.1 ft2demos-2.3.7-25.30.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): freetype2-32bit-2.3.7-25.30.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): freetype2-x86-2.3.7-25.30.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): freetype2-2.3.7-25.30.1 freetype2-devel-2.3.7-25.30.1 ft2demos-2.3.7-25.30.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): freetype2-32bit-2.3.7-25.30.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): freetype2-2.3.7-25.30.1 freetype2-devel-2.3.7-25.30.1 ft2demos-2.3.7-25.30.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): freetype2-32bit-2.3.7-25.30.1 References: http://support.novell.com/security/cve/CVE-2012-1126.html http://support.novell.com/security/cve/CVE-2012-1127.html http://support.novell.com/security/cve/CVE-2012-1128.html http://support.novell.com/security/cve/CVE-2012-1129.html http://support.novell.com/security/cve/CVE-2012-1130.html http://support.novell.com/security/cve/CVE-2012-1131.html http://support.novell.com/security/cve/CVE-2012-1132.html http://support.novell.com/security/cve/CVE-2012-1133.html http://support.novell.com/security/cve/CVE-2012-1134.html http://support.novell.com/security/cve/CVE-2012-1135.html http://support.novell.com/security/cve/CVE-2012-1136.html http://support.novell.com/security/cve/CVE-2012-1137.html http://support.novell.com/security/cve/CVE-2012-1138.html http://support.novell.com/security/cve/CVE-2012-1139.html http://support.novell.com/security/cve/CVE-2012-1140.html http://support.novell.com/security/cve/CVE-2012-1141.html http://support.novell.com/security/cve/CVE-2012-1142.html http://support.novell.com/security/cve/CVE-2012-1143.html http://support.novell.com/security/cve/CVE-2012-1144.html https://bugzilla.novell.com/750937 https://bugzilla.novell.com/750938 https://bugzilla.novell.com/750939 https://bugzilla.novell.com/750940 https://bugzilla.novell.com/750941 https://bugzilla.novell.com/750942 https://bugzilla.novell.com/750943 https://bugzilla.novell.com/750944 https://bugzilla.novell.com/750945 https://bugzilla.novell.com/750946 https://bugzilla.novell.com/750947 https://bugzilla.novell.com/750948 https://bugzilla.novell.com/750949 https://bugzilla.novell.com/750950 https://bugzilla.novell.com/750951 https://bugzilla.novell.com/750952 https://bugzilla.novell.com/750953 https://bugzilla.novell.com/750954 https://bugzilla.novell.com/750955 http://download.novell.com/patch/finder/?keywords=c8333ba8e3ae05779714d7f5c5... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org