k_f 15/03/08 14:40:46 Added: glsa-201503-05.xml Log: GLSA 201503-05
Revision Changes Path 1.1 xml/htdocs/security/en/glsa/glsa-201503-05.xml file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201503-05.xml?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201503-05.xml?rev=1.1&content-type=text/plain Index: glsa-201503-05.xml =================================================================== <?xml version="1.0" encoding="UTF-8"?> <?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?> <?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd";> <glsa id="201503-05"> <title>FreeType: Multiple vulnerabilities</title> <synopsis>Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. </synopsis> <product type="ebuild">freetype</product> <announced>March 08, 2015</announced> <revised>March 08, 2015: 1</revised> <bug>532152</bug> <bug>539796</bug> <access>remote</access> <affected> <package name="media-libs/freetype" auto="yes" arch="*"> <unaffected range="ge">2.5.5</unaffected> <vulnerable range="lt">2.5.5</vulnerable> </package> </affected> <background> <p>FreeType is a high-quality and portable font engine.</p> </background> <description> <p>Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. </p> </description> <impact type="normal"> <p>A remote attacker can cause Denial of Service.</p> </impact> <workaround> <p>There is no known workaround at this time.</p> </workaround> <resolution> <p>All FreeType users should upgrade to the latest version:</p> <code> # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/freetype-2.5.5" </code> </resolution> <references> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9656";>CVE-2014-9656</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9657";>CVE-2014-9657</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9658";>CVE-2014-9658</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9659";>CVE-2014-9659</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9660";>CVE-2014-9660</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9661";>CVE-2014-9661</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9662";>CVE-2014-9662</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9663";>CVE-2014-9663</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9664";>CVE-2014-9664</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9665";>CVE-2014-9665</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9666";>CVE-2014-9666</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9667";>CVE-2014-9667</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9668";>CVE-2014-9668</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9669";>CVE-2014-9669</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9670";>CVE-2014-9670</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9671";>CVE-2014-9671</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9672";>CVE-2014-9672</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9673";>CVE-2014-9673</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9674";>CVE-2014-9674</uri> <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9675";>CVE-2014-9675</uri> </references> <metadata tag="requester" timestamp="Thu, 26 Feb 2015 01:14:38 +0000"> BlueKnight </metadata> <metadata tag="submitter" timestamp="Sun, 08 Mar 2015 14:40:17 +0000">Zlogene</metadata> </glsa>
