Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Scientific Linux SL7.x Important: Graphite2 Security Issue

Calendar Apr 06, 2016 User Avatar LinuxSecurity Advisories
1 - 2 min read
Scientific Large Esm H500
Topics%20covered

Topics Covered

security advisory critical code execution application crash graphite2 scientific linux
Important: graphite2 security, bug fix, and 
Date: Wed, 6 Apr 2016 14:46:17 -0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Important: graphite2 on SL7.x x86_64
MIME-Version: 1.0
Message-ID: <20160406144617.19291.41210@slpackages.fnal.gov>

Synopsis: Important: graphite2 security, bug fix, and
Advisory ID: SLSA-2016:0594-1
Issue Date: 2016-04-06
CVE Numbers: CVE-2016-1521
 CVE-2016-1522
 CVE-2016-1523
 CVE-2016-1526
--

The following packages have been upgraded to a newer upstream version:
graphite2 (1.3.6).

Security Fix(es):

* Various vulnerabilities have been discovered in Graphite2. An attacker
able to trick an unsuspecting user into opening specially crafted font
files in an application using Graphite2 could exploit these flaws to cause
the application to crash or, potentially, execute arbitrary code with the
privileges of the application. (CVE-2016-1521, CVE-2016-1522,
CVE-2016-1523, CVE-2016-1526)
--

SL7
 x86_64
 graphite2-1.3.6-1.el7_2.i686.rpm
 graphite2-1.3.6-1.el7_2.x86_64.rpm
 graphite2-debuginfo-1.3.6-1.el7_2.i686.rpm
 graphite2-debuginfo-1.3.6-1.el7_2.x86_64.rpm
 graphite2-devel-1.3.6-1.el7_2.i686.rpm
 graphite2-devel-1.3.6-1.el7_2.x86_64.rpm

- Scientific Linux Development Team

Related News

Your message here