Alerts This Week
Warning Icon 1 541
Alerts This Week
Warning Icon 1 541

Slackware 14.1: 2014-013-01 Critical LibXfont Stack Overflow Issue

slackware
Calendar Grey January 14, 2014
Dist Slackware Esm H88
Updated libXfont packages are now available for Slackware to address a stack overflow vulnerability that could potentially allow for privilege escalation.
New libXfont packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue

Summary

Here are the details from the Slackware 14.1 ChangeLog: patches/packages/libXfont-1.4.7-i486-1_slack14.1.txz: Upgraded. This update fixes a stack overflow when reading a BDF font file containing a longer than expected string, which could lead to crashes or privilege escalation. For more information, see: https://www.cve.org/CVERecord?id=CVE-2013-6462 (* Security fix *)

Topics%20covered

Topics Covered

security advisory critical software update slackware stack overflow libxfont

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 13.0:
Updated package for Slackware x86_64 13.0:
Updated package for Slackware 13.1:
Updated package for Slackware x86_64 13.1:
Updated package for Slackware 13.37:
Updated package for Slackware x86_64 13.37:
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 13.0 package: 7ee623794aef580b4bf7558d866fae65 libXfont-1.4.7-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 305b7cbe9b6d350c05161eacab99a80f libXfont-1.4.7-x86_64-1_slack13.0.txz
Slackware 13.1 package: e082bca2fd00409d91631bb7156863f9 libXfont-1.4.7-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 7c163c76b3fb28c4fa64331f9bf4027d libXfont-1.4.7-x86_64-1_slack13.1.txz
Slackware 13.37 package: fda77265598ffa01cb0cc89b6310d0d1 libXfont-1.4.7-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 815a61cd07e88234f39badf8572d25bc libXfont-1.4.7-x86_64-1_slack13.37.txz
Slackware 14.0 package: c7152f16dc5c93123d0850138e4ff9b8 libXfont-1.4.7-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 26e127a7546ac150b310f40738adfbec libXfont-1.4.7-x86_64-1_slack14.0.txz
Slackware 14.1 package: 8c3209463d0715b1f0bec65de5f1866f libXfont-1.4.7-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 449c00f274acdb484f9bef89c555930f libXfont-1.4.7-x86_64-1_slack14.1.txz
Slackware -current package: 23559a0985e00a5852e59918d2d51379 x/libXfont-1.4.7-i486-1.txz
Slackware x86_64 -current package: 6399e8d10d536750c815000c3a0b3679 x/libXfont-1.4.7-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical software update slackware stack overflow libxfont

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg libXfont-1.4.7-i486-1_slack14.1.txz

Related News

Your message here