Freetype; Rhsa-2009:1061: Important Security Update; Gcc; Rhba-2009:1376: Bug Fix Update - Red Hat ENTERPRISE LINUX 5.4 - TECHNICAL NOTES Manual


Chapter 1. Package Updates

1.60. freetype

1.60.1. RHSA-2009:1061: Important security update

Important: This update has already been released (prior to the GA of this release) as the security
errata RHSA-2009:1061.
Updated freetype packages that fix various security issues are now available for Red Hat Enterprise
Linux 5.
This update has been rated as having important security impact by the Red Hat Security Response
Team.
FreeType is a free, high-quality, portable font engine that can open and manage font files. It also
loads, hints, and renders individual glyphs efficiently. These packages provide the FreeType 2 font
engine.
Tavis Ormandy of the Google Security Team discovered several integer overflow flaws in the
FreeType 2 font engine. If a user loaded a carefully-crafted font file with an application linked against
FreeType 2, it could cause the application to crash or, possibly, execute arbitrary code with the
privileges of the user running the application. (CVE-2009-0946)
Users are advised to upgrade to these updated packages, which contain a backported patch to correct
these issues. The X server must be restarted (log out, then log back in) for this update to take effect.
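
The restart requirement above can be verified after updating: a process that loaded FreeType before the update keeps the old library file mapped, and the kernel marks that mapping "(deleted)" in /proc/PID/maps. The script below is an added example, not part of the Red Hat notes; the function name, its optional root-directory argument and the output format are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: list processes that still map the pre-update FreeType library.
# When the package update replaces libfreetype on disk, the old file is
# unlinked and its mapping in /proc/PID/maps is tagged "(deleted)", e.g.
# (constructed line):
#   00110000-00190000 r-xp 00000000 fd:00 123456 /usr/lib/libfreetype.so.6.3.10 (deleted)

# stale_freetype_procs [ROOT]
# Prints one "PID NAME" line per process whose maps file still references a
# deleted libfreetype. ROOT defaults to /proc; the argument exists so the
# function can be pointed at a test directory (hypothetical helper).
stale_freetype_procs() {
    root="${1:-/proc}"
    for maps in "$root"/[0-9]*/maps; do
        # Skip unmatched globs and processes that exited meanwhile.
        [ -r "$maps" ] || continue
        if grep -Eq 'libfreetype\.so[^ ]* \(deleted\)' "$maps" 2>/dev/null; then
            dir="${maps%/maps}"
            # The process name is taken from the "Name:" line of the status file.
            name=$(sed -n 's/^Name:[[:space:]]*//p' "$dir/status" 2>/dev/null | head -n 1)
            echo "${dir##*/} ${name:-unknown}"
        fi
    done
    return 0
}

# Run as root to see every user's processes; unreadable maps files are skipped.
stale=$(stale_freetype_procs /proc)
if [ -n "$stale" ]; then
    echo "Processes still using the old libfreetype (restart them):"
    echo "$stale"
else
    echo "No process maps a deleted libfreetype."
fi
```

Any process listed, not only the X server, is still running the unpatched code until it is restarted.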

1.61. gcc

1.61.1. RHBA-2009:1376: bug fix update

A gcc update that resolves several GFortran compiler bugs (along with several other bugs) is now
available.
The gcc packages include C, C++, Java, Fortran, Objective C, and Ada 95 GNU compilers, along with
related support libraries.
This update applies the following bug fixes:
• 64-bit multiplication by constant on the x86 platform caused unexpected aborts when compiling
code that used 'unsigned long long' variables. This was because the compiler did not check whether
CONST_DOUBLE_LOW was positive when multiplying constants. With this update, the compiler
now checks whether CONST_DOUBLE_LOW is positive, ensuring that 'unsigned long long' variables are
processed correctly during compiles.
• A bug in the way the GFortran compiler processed unique symtrees could have prevented some
valid GFortran code from compiling if the code contained symbols defined by USE and ONLY
clauses. Whenever this occurred, the compile attempt would fail with a segmentation fault. This
update adds a special function that correctly reconciles symbols with unique symtrees, which
resolves this bug.

References for this section: CVE-2009-0946 (https://www.redhat.com/security/data/cve/CVE-2009-0946.html), BZ#465807, BZ#483845
