----------------------------------------------------------------------

Secunia is pleased to announce the release of the annual Secunia
report for 2008.

Highlights from the 2008 report:
 * Vulnerability Research
 * Software Inspection Results
 * Secunia Research Highlights
 * Secunia Advisory Statistics

Request the full 2008 Report here:
http://secunia.com/advisories/try_vi/request_2008_report/

Stay Secure,

Secunia


----------------------------------------------------------------------

TITLE:
Debian update for freetype

SECUNIA ADVISORY ID:
SA34967

VERIFY ADVISORY:
http://secunia.com/advisories/34967/

DESCRIPTION:
Debian has issued an update for freetype. This fixes some
vulnerabilities, which can be exploited by malicious people to
potentially compromise an application using the library.

For more information:
SA34723

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updates/main/f/freetype/freetype_2.2.1-5+etch4.dsc
Size/MD5 checksum: 806 64611cbb471628359be5e3add390481b
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.2.1.orig.tar.gz
Size/MD5 checksum: 1451392 a584e84d617c6e7919b4aef9b5106cf4
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.2.1-5+etch4.diff.gz
Size/MD5 checksum: 35460 355360a6157070ec1beed2a59b566053

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_alpha.udeb
Size/MD5 checksum: 279388 b3d4210547ecf4a04bf88c75494cc111
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_alpha.deb
Size/MD5 checksum: 385174 278d5134975a1dba703d98240ddc6a63
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_alpha.deb
Size/MD5 checksum: 728690 68737b103f329973ee7d7e9fff4e83c8
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_alpha.deb
Size/MD5 checksum: 169114 5133d57b21cc7cf44b5975b6527b4825

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_amd64.udeb
Size/MD5 checksum: 248282 fc8b4e8e3ffe15eeeb7bcfb162e4a9e1
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_amd64.deb
Size/MD5 checksum: 671298 61b8048d1cbc5275322ed0d730bdbea7
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_amd64.deb
Size/MD5 checksum: 355350 abee35456605685cb9c439363f800173
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_amd64.deb
Size/MD5 checksum: 149832 35ca786b9430666664982428ea773053

arm architecture (ARM)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_arm.deb
Size/MD5 checksum: 334084 5fc9bbce9a35e23c111858aadbc789fd
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_arm.deb
Size/MD5 checksum: 646784 b3d8b2b22ab3afeb931d2aea821cae40
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_arm.udeb
Size/MD5 checksum: 227438 1752dce98655004ce337b2506da50676
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_arm.deb
Size/MD5 checksum: 134032 8adc7ae3f9469d351afbdfe2a4120d79

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_hppa.deb
Size/MD5 checksum: 367148 867febdc912d70e94522d9ce712149c9
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_hppa.deb
Size/MD5 checksum: 684936 3ba0531b968c737e6d2dd35096b828b6
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_hppa.udeb
Size/MD5 checksum: 260684 592acdba2d42293937b84a33a1b336ba
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_hppa.deb
Size/MD5 checksum: 150362 1a25c1494492e10337c8d21267b464de

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_i386.deb
Size/MD5 checksum: 644162 9eafc8843737666cba8d6108d4a15d7c
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_i386.deb
Size/MD5 checksum: 135884 348459f71c33c0a258a7dcce04f9cc3e
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_i386.udeb
Size/MD5 checksum: 236062 05007d69881d19521ad59dce79e1f23f
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_i386.deb
Size/MD5 checksum: 342212 98511ff4ae4ae5f7fee332093a2e346d

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_ia64.deb
Size/MD5 checksum: 222234 8daeb88920829fbf27819b0e0ce5846a
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_ia64.deb
Size/MD5 checksum: 817176 17ad55179e15ad7e9f2de28ab7653c89
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_ia64.deb
Size/MD5 checksum: 489336 9f2723db4d62a1a5eef3fe3dd4612b58
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_ia64.udeb
Size/MD5 checksum: 383742 bce79315cd3fc65a9030c6fd15ff794a

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_mips.deb
Size/MD5 checksum: 347148 5f214cc776abbd81c889d2f2d7cca8fb
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_mips.udeb
Size/MD5 checksum: 241716 54b1cfa583a1b62346724307e00e56db
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_mips.deb
Size/MD5 checksum: 151494 2cc027ba3b4f90007f3be2762a907b08
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_mips.deb
Size/MD5 checksum: 680756 9277c822eabae2330d1878a7373a9294

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_mipsel.deb
Size/MD5 checksum: 347116 7d93b0b91240c48036eadaacfba42af1
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_mipsel.deb
Size/MD5 checksum: 680756 23fd50f0675447182fbc9aa3237a6ef1
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_mipsel.deb
Size/MD5 checksum: 150984 8eb5046e90be34e131305085221af10f
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_mipsel.udeb
Size/MD5 checksum: 241298 85629612fd8622e694de441736e1a789

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_powerpc.deb
Size/MD5 checksum: 146712 8ea5a32715a80160cb1cc2aa867b102c
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_powerpc.udeb
Size/MD5 checksum: 240750 091354c0ed2e1862deb0d9e6115d2180
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_powerpc.deb
Size/MD5 checksum: 661838 3c91577f699fe66b6071dda7c3a42dcb
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_powerpc.deb
Size/MD5 checksum: 346290 b559e4fb3e00fe5fcd588c40602bd910

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_s390.deb
Size/MD5 checksum: 356076 e48aa00adc24d97c93dd9fc2d5f4fd34
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_s390.udeb
Size/MD5 checksum: 250068 e13c662aa161403a864713023cb018e5
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_s390.deb
Size/MD5 checksum: 657196 295be8c03e50515aabdcfb1788156aeb
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_s390.deb
Size/MD5 checksum: 151346 854a1fe96587a70a6067f4a5affb0121

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_sparc.udeb
Size/MD5 checksum: 219912 7eeccf7c86fe05ca6d298936e6b10ab6
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_sparc.deb
Size/MD5 checksum: 130716 c6a1f315342ae245cbda46a84e90c433
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_sparc.deb
Size/MD5 checksum: 640902 f7ca045b251e70739392ec7ce8ab482e
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_sparc.deb
Size/MD5 checksum: 327038 bb3585c482b61149ce8263f41aae47e1


-- Debian GNU/Linux 5.0 alias lenny --

Source archives:

http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny1.dsc
Size/MD5 checksum: 1218 44b657bd7355ca8852b5f728220521ce
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny1.diff.gz
Size/MD5 checksum: 32714 61c850f28c09fe85dae75d4f1b99face
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7.orig.tar.gz
Size/MD5 checksum: 1567540 c1a9f44fde316470176fd6d66af3a0e8

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_alpha.deb
Size/MD5 checksum: 410964 cb1fe88aabd717639646ac801af81ee2
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_alpha.udeb
Size/MD5 checksum: 296580 9a038e74a937abc9e778983f0c29d34b
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_alpha.deb
Size/MD5 checksum: 773016 8bca0aa54bcf4ebae4fbac5d2187d227
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_alpha.deb
Size/MD5 checksum: 253016 e7d7396812a700bb5ed96267dfb9c688

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_amd64.deb
Size/MD5 checksum: 386078 4e02c0874f0d74024377d5ad0db011c2
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_amd64.udeb
Size/MD5 checksum: 269820 9b45623d31f65844ad61a94cef4ef247
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_amd64.deb
Size/MD5 checksum: 224982 0bf7345babe2902e3dbd7f3faea3e500
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_amd64.deb
Size/MD5 checksum: 716368 db2d36f34779db9ed2f4cc7696c4e63e

arm architecture (ARM)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_arm.deb
Size/MD5 checksum: 357008 c75a4aef434efb7350d4fa61c970b49f
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_arm.deb
Size/MD5 checksum: 686206 6e3e297e88ee26914783c6b5ac21ad86
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_arm.udeb
Size/MD5 checksum: 242328 7a9e43536fc66794183900c4fe55f71d
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_arm.deb
Size/MD5 checksum: 205088 29f58b85f53aaaa55dd7ee193b4d54eb

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_armel.deb
Size/MD5 checksum: 352880 86d4884de97fa6d8efd0e69bfcbe639a
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_armel.udeb
Size/MD5 checksum: 236650 a59f0476b2d47b8230ff73807c842c24
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_armel.deb
Size/MD5 checksum: 209746 1866c3d74ec811d6d817d64d12433037
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_armel.deb
Size/MD5 checksum: 682520 942a49f6a3a9f5a59942139b406b5ffc

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_hppa.deb
Size/MD5 checksum: 390162 cf7cd361dfbdb42d2ed322700eb64d9c
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_hppa.udeb
Size/MD5 checksum: 273886 186d424c56d93dbe83e92b7c85c4358c
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_hppa.deb
Size/MD5 checksum: 226784 4664ea025f33f37d3038a90531209d72
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_hppa.deb
Size/MD5 checksum: 724860 b53ea689c65363dd51583064caa53cb9

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_i386.udeb
Size/MD5 checksum: 254386 951df80ccc9bef3d07dedbbe17760d82
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_i386.deb
Size/MD5 checksum: 198880 46f5663ce579a51e18dc934109cc0645
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_i386.deb
Size/MD5 checksum: 685616 76c13ff85e98143d4e5fd52b69968784
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_i386.deb
Size/MD5 checksum: 371606 7e56c724b16e31ea9e2b42c54ec4a251

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_ia64.deb
Size/MD5 checksum: 530754 94cf9762bf27b1b9a4bd3d35ea6758a4
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_ia64.deb
Size/MD5 checksum: 332086 9a5888c8030cd330977a64a477a0a41b
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_ia64.deb
Size/MD5 checksum: 876300 7b32ce2b7ff8373de9f51cd192c023ca
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_ia64.udeb
Size/MD5 checksum: 415562 2b8999a2fc8880c2e4961e2e73841088

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_mips.deb
Size/MD5 checksum: 369352 36448c61e845aa19ad6faa289ea2197c
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_mips.deb
Size/MD5 checksum: 713460 06a964dd69eddcc3ca57d1407f2b5862
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_mips.deb
Size/MD5 checksum: 214692 8b8657d67b7fc506d58d81e6373b3ca4
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_mips.udeb
Size/MD5 checksum: 253888 b50c6cbcf39b19ded0e1eef2a02ce791

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_powerpc.deb
Size/MD5 checksum: 232708 7d465ffc5c11c8905504c46e8a84b4f1
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_powerpc.deb
Size/MD5 checksum: 704558 595985965b7457bad1736f29b824c6ee
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_powerpc.udeb
Size/MD5 checksum: 262760 b6acafdb4fe4027b06ccc2391f9f97a2
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_powerpc.deb
Size/MD5 checksum: 377576 6d0f0b5a2a591bafd311cb1fb9dbee92

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_s390.udeb
Size/MD5 checksum: 268096 5f407b3c65dfd595178dc613a1317723
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_s390.deb
Size/MD5 checksum: 698526 71f0ebec47a0849792b0fcde8cb303f7
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_s390.deb
Size/MD5 checksum: 383702 9a8756caba0dede5c29ddb6679d81c92
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_s390.deb
Size/MD5 checksum: 225100 035b81559e7890c37e1786b5ed5abb18

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_sparc.udeb
Size/MD5 checksum: 235404 bf3d981df44758a15b90cd112af49269
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_sparc.deb
Size/MD5 checksum: 200860 fd28ab28bf37b1b744ae1d355fc424eb
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_sparc.deb
Size/MD5 checksum: 679232 2fc951d4720997ab6c627145c75e942a
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_sparc.deb
Size/MD5 checksum: 351398 9cd398f6ba4b5431385746dc308e828e

-- Debian GNU/Linux unstable alias sid --

Fixed in version 2.3.9-4.1.

ORIGINAL ADVISORY:
DSA-1784-1:
http://lists.debian.org/debian-security-announce/2009/msg00095.html

OTHER REFERENCES:
SA34723:
http://secunia.com/advisories/34723/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------