Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 528
Alerts This Week
Warning Icon 1 528

Scientific Linux LibXfont Stack Overflow Fix: SLSA-2014:0018-1

Scientific Large Esm H446
Important: libXfont security update
Date: Fri, 10 Jan 2014 15:30:08 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Important: libXfont on SL5.x, SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Important: libXfont security update
Advisory ID: SLSA-2014:0018-1
Issue Date: 2014-01-10
CVE Numbers: CVE-2013-6462
--

A stack-based buffer overflow flaw was found in the way the libXfont
library parsed Glyph Bitmap Distribution Format (BDF) fonts. A malicious,
local user could exploit this issue to potentially execute arbitrary code
with the privileges of the X.Org server. (CVE-2013-6462)

All running X.Org server instances must be restarted for the update to
take effect.
--

SL5
 x86_64
 libXfont-1.2.2-1.0.5.el5_10.i386.rpm
 libXfont-1.2.2-1.0.5.el5_10.x86_64.rpm
 libXfont-debuginfo-1.2.2-1.0.5.el5_10.i386.rpm
 libXfont-debuginfo-1.2.2-1.0.5.el5_10.x86_64.rpm
 libXfont-devel-1.2.2-1.0.5.el5_10.i386.rpm
 libXfont-devel-1.2.2-1.0.5.el5_10.x86_64.rpm
 i386
 libXfont-1.2.2-1.0.5.el5_10.i386.rpm
 libXfont-debuginfo-1.2.2-1.0.5.el5_10.i386.rpm
 libXfont-devel-1.2.2-1.0.5.el5_10.i386.rpm
SL6
 x86_64
 libXfont-1.4.5-3.el6_5.x86_64.rpm
 libXfont-debuginfo-1.4.5-3.el6_5.x86_64.rpm
 libXfont-1.4.5-3.el6_5.i686.rpm
 libXfont-debuginfo-1.4.5-3.el6_5.i686.rpm
 libXfont-devel-1.4.5-3.el6_5.i686.rpm
 libXfont-devel-1.4.5-3.el6_5.x86_64.rpm
 i386
 libXfont-1.4.5-3.el6_5.i686.rpm
 libXfont-debuginfo-1.4.5-3.el6_5.i686.rpm
 libXfont-devel-1.4.5-3.el6_5.i686.rpm

- Scientific Linux Development Team