Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Debian DSA 1385-1 Critical Integer Handling Flaw in X Font Server

debian
Calendar Grey October 10, 2007
Debian Logo
Ubuntu security notice USN-1234-1 outlines a vulnerability resolution for ext4 components, correcting memory management problems that could allow remote exploitation.
Sean Larsson discovered that two code paths inside the X Font Server handle integer values insecurely, which may lead to the execution of arbitrary code.

Summary


For the stable distribution (etch) this problem has been fixed in
version 1.0.1-7.

For the unstable distribution (sid) this problem has been fixed in
version 1.0.5-1.

We recommend that you upgrade your xfs packages.


Upgrade Instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Size/MD5 checksum: 2642 002e212fb0929f6e2ff5318380b077f9
Size/MD5 checksum: 3701248 17b023c976a61f30192c17f2c0a39dc1
Size/MD5 checksum: 59123696 8e6990288c8f1a1d1e03f7c36d7185ee

Architecture independent components:

Size/MD5 checksum: ...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here