Bug 621144 (CVE-2010-1797)
Summary: | CVE-2010-1797 FreeType: Multiple stack overflows by processing CFF opcodes | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED ERRATA | QA Contact: | |||||
Severity: | high | Docs Contact: | |||||
Priority: | high | ||||||
Version: | unspecified | CC: | mjc, mkasik, ovasik, security-response-team, vdanen, vkrizan | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2015-07-29 12:47:24 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 621189, 621190, 621191, 621192, 621193, 621624, 621627, 806285 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Jan Lieskovsky
2010-08-04 11:38:35 UTC
Created attachment 436501 [details] Proposed FreeType CVE-2010-1797 patch from Apple This deficiency affects the version of the vnc-server package, as shipped with Red Hat Enteprise Linux 3 (it contains and uses own embedded copy of the freetype library). Red Hat Security Response Team does not consider the vnc-server bug to be a security issue. The only way this is exploitable in the vnc-server package is if a bad font would be included in the vncserver font path. But that means, the attacker already has access to the user account in question. This flaw does NOT affect the version of the vnc-server package, as shipped with Red Hat Enterprise Linux 4 and 5. This flaw does NOT affect the version of the XFree86 package, as shipped with Red Hat Enterprise Linux 3, as it uses FreeType library, present on the system. This flaw does NOT affect the version of the xorg-x11 package, as shipped with Red Hat Enterprise Linux 4, as it use FreeType library, present on the system. Created freetype tracking bugs for this issue Affects: fedora-all [bug 621627] This issue has been addressed in following products: Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2010:0607 https://rhn.redhat.com/errata/RHSA-2010-0607.html |