Bug 1191099
| Summary: | CVE-2014-9656 CVE-2014-9657 CVE-2014-9661 CVE-2014-9660 CVE-2014-9667 CVE-2014-9666 CVE-2014-9665 CVE-2014-9664 CVE-2014-9669 CVE-2014-9668 CVE-2014-9662 CVE-2014-9658 CVE-2014-9659 CVE-2014-9663 CVE-2014-9670 freetype: various flaws [fedora-all] | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Vasyl Kaigorodov <vkaigoro> |
| Component: | freetype | Assignee: | Marek Kašík <mkasik> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 21 | CC: | behdad, fonts-bugs, kevin, mkasik |
| Target Milestone: | --- | Keywords: | Security, SecurityTracking |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | freetype-2.5.0-9.fc20 | Doc Type: | Release Note |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-02-19 18:00:25 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1191078, 1191079, 1191080, 1191081, 1191082, 1191083, 1191084, 1191085, 1191086, 1191087, 1191089, 1191090, 1191091, 1191092, 1191093, 1191094 | ||
|
Description
Vasyl Kaigorodov
2015-02-10 12:54:57 UTC
Use the following template to for the 'fedpkg update' request to submit an update for this issue as it contains the top-level parent bug(s) as well as this tracking bug. This will ensure that all associated bugs get updated when new packages are pushed to stable. ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191078,1191099 # Description of your update notes=Security fix for CVE-2014-9656 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191078,1191099 Adding parent bug 1191079 (for CVE-2014-9657). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079 Adding parent bug 1191080 (for CVE-2014-9658). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9658 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080 Adding parent bug 1191081 (for CVE-2014-9659). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080,1191081 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9658, CVE-2014-9659 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080,1191081 Adding parent bug 1191082 (for CVE-2014-9660). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080,1191081,1191082 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9658, CVE-2014-9659, CVE-2014-9660 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080,1191081,1191082 Adding parent bug 1191083 (for CVE-2014-9661). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9660, CVE-2014-9658, CVE-2014-9659, CVE-2014-9661 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083 Adding parent bug 1191084 (for CVE-2014-9662). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9661, CVE-2014-9660, CVE-2014-9658, CVE-2014-9659, CVE-2014-9662 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083 Adding parent bug 1191085 (for CVE-2014-9663). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9661, CVE-2014-9660, CVE-2014-9662, CVE-2014-9658, CVE-2014-9659, CVE-2014-9663 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085 Adding parent bug 1191086 (for CVE-2014-9664). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9661, CVE-2014-9660, CVE-2014-9662, CVE-2014-9658, CVE-2014-9659, CVE-2014-9663, CVE-2014-9664 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086 Adding parent bug 1191087 (for CVE-2014-9665). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086,1191087 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9661, CVE-2014-9660, CVE-2014-9662, CVE-2014-9664, CVE-2014-9658, CVE-2014-9659, CVE-2014-9663, CVE-2014-9665 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086,1191087 Adding parent bug 1191089 (for CVE-2014-9666). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086,1191087,1191089 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9661, CVE-2014-9660, CVE-2014-9665, CVE-2014-9664, CVE-2014-9662, CVE-2014-9658, CVE-2014-9659, CVE-2014-9663, CVE-2014-9666 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086,1191087,1191089 Adding parent bug 1191090 (for CVE-2014-9667). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086,1191087,1191089,1191090 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9661, CVE-2014-9660, CVE-2014-9666, CVE-2014-9665, CVE-2014-9664, CVE-2014-9662, CVE-2014-9658, CVE-2014-9659, CVE-2014-9663, CVE-2014-9667 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086,1191087,1191089,1191090 Adding parent bug 1191091 (for CVE-2014-9668). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086,1191087,1191089,1191090,1191091 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9661, CVE-2014-9660, CVE-2014-9667, CVE-2014-9666, CVE-2014-9665, CVE-2014-9664, CVE-2014-9662, CVE-2014-9658, CVE-2014-9659, CVE-2014-9663, CVE-2014-9668 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086,1191087,1191089,1191090,1191091 Adding parent bug 1191092 (for CVE-2014-9669). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086,1191087,1191089,1191090,1191091,1191092 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9661, CVE-2014-9660, CVE-2014-9667, CVE-2014-9666, CVE-2014-9665, CVE-2014-9664, CVE-2014-9668, CVE-2014-9662, CVE-2014-9658, CVE-2014-9659, CVE-2014-9663, CVE-2014-9669 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086,1191087,1191089,1191090,1191091,1191092 Adding parent bug 1191093 (for CVE-2014-9670). Please use this new fedpkg update template when submitting the update: ===== # bugfix, security, enhancement, newpackage (required) type=security # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086,1191087,1191089,1191090,1191091,1191092,1191093 # Description of your update notes=Security fix for CVE-2014-9656, CVE-2014-9657, CVE-2014-9661, CVE-2014-9660, CVE-2014-9667, CVE-2014-9666, CVE-2014-9665, CVE-2014-9664, CVE-2014-9669, CVE-2014-9668, CVE-2014-9662, CVE-2014-9658, CVE-2014-9659, CVE-2014-9663, CVE-2014-9670 # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False ====== Additionally, you may opt to use the bodhi update submission link instead: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1191099,1191078,1191079,1191080,1191081,1191082,1191083,1191084,1191085,1191086,1191087,1191089,1191090,1191091,1191092,1191093 freetype-2.5.0-9.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/freetype-2.5.0-9.fc20 freetype-2.5.3-15.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/freetype-2.5.3-15.fc21 I've pushed an update for the CVEs. The CVE-2014-9659 was already fixed in F20 and F21. I've included some other needed patches and the patches for the CVE-2014-9671 - CVE-2014-9673 there too. Package freetype-2.5.3-15.fc21: * should fix your issue, * was pushed to the Fedora 21 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing freetype-2.5.3-15.fc21' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2015-2237/freetype-2.5.3-15.fc21 then log in and leave karma (feedback). freetype-2.5.3-15.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report. freetype-2.5.0-9.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. |