LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis: Important: fribidi security update
Advisory ID:       SLSA-2019:4326-1
Issue Date:        2019-12-19
CVE Numbers:       CVE-2019-18397
--

Security Fix(es):

* fribidi: buffer overflow in fribidi_get_par_embedding_levels_ex() in lib
/fribidi-bidi.c leading to denial of service and possible code execution
(CVE-2019-18397)
--

SL7
  x86_64
    fribidi-debuginfo-1.0.2-1.el7_7.1.i686.rpm
    fribidi-debuginfo-1.0.2-1.el7_7.1.x86_64.rpm
    fribidi-1.0.2-1.el7_7.1.i686.rpm
    fribidi-1.0.2-1.el7_7.1.x86_64.rpm
    fribidi-devel-1.0.2-1.el7_7.1.i686.rpm
    fribidi-devel-1.0.2-1.el7_7.1.x86_64.rpm

- Scientific Linux Development Team