RHSA-2012:0062: Moderate: t1lib security update

The t1lib library allows you to rasterize bitmaps from PostScript Type 1fonts.Two heap-based buffer overflow flaws were found in the way t1lib processedAdobe Font Metrics (AFM) files. If a specially-crafted font file was openedby an application linked against t1lib, it could cause the application tocrash or, potentially, execute arbitrary code with the privileges of theuser running the application. (CVE-2010-2642, CVE-2011-0433)An invalid pointer dereference flaw was found in t1lib. A specially-craftedfont file could, when opened, cause an application linked against t1lib tocrash or, potentially, execute arbitrary code with the privileges of theuser running the application. (CVE-2011-0764)A use-after-free flaw was found in t1lib. A specially-crafted font filecould, when opened, cause an application linked against t1lib to crash or,potentially, execute arbitrary code with the privileges of the userrunning the application. (CVE-2011-1553)An off-by-one flaw was found in t1lib. A specially-crafted font file could,when opened, cause an application linked against t1lib to crash or,potentially, execute arbitrary code with the privileges of the user runningthe application. (CVE-2011-1554)An out-of-bounds memory read flaw was found in t1lib. A specially-craftedfont file could, when opened, cause an application linked against t1lib tocrash. (CVE-2011-1552)Red Hat would like to thank the Evince development team for reportingCVE-2010-2642. Upstream acknowledges Jon Larimer of IBM X-Force as theoriginal reporter of CVE-2010-2642.All users of t1lib are advised to upgrade to these updated packages, whichcontain backported patches to correct these issues. All applications linkedagainst t1lib must be restarted for this update to take effect.