Bug 625632 (CVE-2010-3054)

Summary: CVE-2010-3054 freetype: DoS via nested "seac" calls
Product: [Other] Security Response Reporter: Vincent Danen <vdanen>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: jlieskov, mkasik
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-06-05 06:35:49 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 638139, 638140, 638141, 638142, 638143, 806284    
Bug Blocks:    

Description Vincent Danen 2010-08-20 01:05:56 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-3054 to
the following vulnerability:

Name: CVE-2010-3054
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3054
Assigned: 20100819
Reference:
CONFIRM: https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019

Unspecified vulnerability in FreeType 2.3.9, and other versions before
2.4.2, allows remote attackers to cause a denial of service via
vectors involving nested Standard Encoding Accented Character (aka
seac) calls, related to psaux.h, cffgload.c, cffgload.h, and
t1decode.c.
Comment 1 Huzaifa S. Sidhpurwala 2010-09-27 09:14:11 UTC 
Upstream patch:

http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e7389a4405223c40e552122451c7612ae030c20d
Comment 7 Jan Lieskovsky 2010-09-28 11:05:52 UTC 
This issue affects the versions of the freetype package, as shipped
with Red Hat Enterprise Linux 3, 4, and 5.

--

This issue did NOT affect the versions of the freetype package, as
shipped with Fedora release of 12 and 13. Those versions already
contain the upstream fix for this flaw.
Comment 13 errata-xmlrpc 2010-10-04 17:12:58 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 3

Via RHSA-2010:0736 https://rhn.redhat.com/errata/RHSA-2010-0736.html
Comment 14 errata-xmlrpc 2010-10-04 17:54:31 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 4
  Red Hat Enterprise Linux 5

Via RHSA-2010:0737 https://rhn.redhat.com/errata/RHSA-2010-0737.html