USN-4126-2
- Source
- https://ubuntu.com/security/notices/USN-4126-2
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4126-2.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-4126-2
- Related
- Published
- 2019-09-09T19:06:18.299926Z
- Modified
- 2019-09-09T19:06:18.299926Z
- Summary
- freetype vulnerabilities
- Details
-
USN-4126-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to access sensitive information. (CVE-2015-9381, CVE-2015-9382)
Original advisory details:
It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to access sensitive information. (CVE-2015-9383)
- References
Affected packages
Ubuntu:14.04:LTS / freetype
Package
- Name
- freetype
- Purl
- pkg:deb/ubuntu/freetype?arch=src?distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.5.2-1ubuntu2.8+esm1
Affected versions
2.*
2.4.12-0ubuntu1
2.5.0.1-0ubuntu2
2.5.1-1ubuntu1
2.5.1-1ubuntu2
2.5.1-2ubuntu1
2.5.2-1ubuntu1
2.5.2-1ubuntu2
2.5.2-1ubuntu2.1
2.5.2-1ubuntu2.2
2.5.2-1ubuntu2.3
2.5.2-1ubuntu2.4
2.5.2-1ubuntu2.5
2.5.2-1ubuntu2.6
2.5.2-1ubuntu2.7
2.5.2-1ubuntu2.8
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "2.5.2-1ubuntu2.8+esm1",
"binary_name": "libfreetype6-dev"
},
{
"binary_version": "2.5.2-1ubuntu2.8+esm1",
"binary_name": "libfreetype6-udeb"
},
{
"binary_version": "2.5.2-1ubuntu2.8+esm1",
"binary_name": "freetype2-demos"
},
{
"binary_version": "2.5.2-1ubuntu2.8+esm1",
"binary_name": "libfreetype6"
}
]
}