Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Thu, 3 Sep 2015 13:52:07 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Pat Riehecky Subject: Security ERRATA Important: libXfont on SL6.x, SL7.x i386/x86_64 MIME-Version: 1.0 Message-ID: <20150903135207.13911.62780@slpackages.fnal.gov> Synopsis: Important: libXfont security update Advisory ID: SLSA-2015:1708-1 Issue Date: 2015-09-03 CVE Numbers: CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 -- An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. (CVE-2015-1802) An integer truncation flaw was discovered in the way libXfont processed certain Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. (CVE-2015-1804) A NULL pointer dereference flaw was discovered in the way libXfont processed certain Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local user could use this flaw to crash the X.Org server. (CVE-2015-1803) -- SL6 x86_64 libXfont-1.4.5-5.el6_7.x86_64.rpm libXfont-debuginfo-1.4.5-5.el6_7.x86_64.rpm libXfont-1.4.5-5.el6_7.i686.rpm libXfont-debuginfo-1.4.5-5.el6_7.i686.rpm libXfont-devel-1.4.5-5.el6_7.i686.rpm libXfont-devel-1.4.5-5.el6_7.x86_64.rpm i386 libXfont-1.4.5-5.el6_7.i686.rpm libXfont-debuginfo-1.4.5-5.el6_7.i686.rpm libXfont-devel-1.4.5-5.el6_7.i686.rpm SL7 x86_64 libXfont-1.4.7-3.el7_1.i686.rpm libXfont-1.4.7-3.el7_1.x86_64.rpm libXfont-debuginfo-1.4.7-3.el7_1.i686.rpm libXfont-debuginfo-1.4.7-3.el7_1.x86_64.rpm libXfont-devel-1.4.7-3.el7_1.i686.rpm libXfont-devel-1.4.7-3.el7_1.x86_64.rpm - Scientific Linux Development Team