Subject: | |
From: | |
Reply To: | |
Date: | Thu, 3 Sep 2015 13:52:07 +0000 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Important: libXfont security update
Advisory ID: SLSA-2015:1708-1
Issue Date: 2015-09-03
CVE Numbers: CVE-2015-1802
CVE-2015-1803
CVE-2015-1804
--
An integer overflow flaw was found in the way libXfont processed certain
Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local user
could use this flaw to crash the X.Org server or, potentially, execute
arbitrary code with the privileges of the X.Org server. (CVE-2015-1802)
An integer truncation flaw was discovered in the way libXfont processed
certain Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local
user could use this flaw to crash the X.Org server or, potentially,
execute arbitrary code with the privileges of the X.Org server.
(CVE-2015-1804)
A NULL pointer dereference flaw was discovered in the way libXfont
processed certain Glyph Bitmap Distribution Format (BDF) fonts. A
malicious, local user could use this flaw to crash the X.Org server.
(CVE-2015-1803)
--
SL6
x86_64
libXfont-1.4.5-5.el6_7.x86_64.rpm
libXfont-debuginfo-1.4.5-5.el6_7.x86_64.rpm
libXfont-1.4.5-5.el6_7.i686.rpm
libXfont-debuginfo-1.4.5-5.el6_7.i686.rpm
libXfont-devel-1.4.5-5.el6_7.i686.rpm
libXfont-devel-1.4.5-5.el6_7.x86_64.rpm
i386
libXfont-1.4.5-5.el6_7.i686.rpm
libXfont-debuginfo-1.4.5-5.el6_7.i686.rpm
libXfont-devel-1.4.5-5.el6_7.i686.rpm
SL7
x86_64
libXfont-1.4.7-3.el7_1.i686.rpm
libXfont-1.4.7-3.el7_1.x86_64.rpm
libXfont-debuginfo-1.4.7-3.el7_1.i686.rpm
libXfont-debuginfo-1.4.7-3.el7_1.x86_64.rpm
libXfont-devel-1.4.7-3.el7_1.i686.rpm
libXfont-devel-1.4.7-3.el7_1.x86_64.rpm
- Scientific Linux Development Team
|
|
|