Stay Vigilant with Timely Linux Security Advisories

security advisoryfedoracritical severity

Fedora 37: FEDORA-2023-c026222382 Critical: xrdp Font Issue

Release notes for xrdp v0.9.23.1 (2023/09/27) This is a security fix release for CVE-2023-42822. This update is recommended for all xrdp users. Security fixes - CVE-2023-42822: Unchecked access to font glyph info. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-c026222382 2023-10-06 00:50:52.919327 -------------------------------------------------------------------------------- Name : xrdp Product : Fedora 37 Version : 0.9.23.1 Release : 1.fc37 URL : http://www.xrdp.org/ Summary : Open source remote desktop protocol (RDP) server Description : xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client. -------------------------------------------------------------------------------- Update Information: Release notes for xrdp v0.9.23.1 (2023/09/27) This is a security fix release for CVE-2023-42822. This update is recommended for all xrdp users. Security fixes - CVE-2023-42822: Unchecked access to font glyph info -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 28 2023 Bojan Smojver - 1:0.9.23.1-1 - Update to 0.9.23.1 - CVE-2023-42822 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2242232 - CVE-2023-42822 xrdp: Unchecked access to font glyph info [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2242232 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-c026222382' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . This essential xrdp enhancement resolves CVE-2023-42822 and bolsters security for Fedora 37 users.. xrdp update, Fedora 37 security, remote desktop protocol. . Severity: Critical. LinuxSecurity.com Team

Oct 06, 2023 •Critical Fedora

security advisorycriticalremote code execution

Ubuntu 23.04: USN-6062-1 Critical FreeType Arbitrary Code Execute

FreeType could be made to crash or possibly execute arbitrary code if it opened a specially crafted font file.. =========================================================================Ubuntu Security Notice USN-6062-1 May 09, 2023 freetype vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.04 - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: FreeType could be made to crash or possibly execute arbitrary code if it opened a specially crafted font file. Software Description: - freetype: FreeType 2 is a font engine library Details: It was discovered that FreeType incorrectly handled certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 23.04: libfreetype6 2.12.1+dfsg-4ubuntu0.1 Ubuntu 22.10: libfreetype6 2.12.1+dfsg-3ubuntu0.1 Ubuntu 22.04 LTS: libfreetype6 2.11.1+dfsg-1ubuntu0.2 Ubuntu 20.04 LTS: libfreetype6 2.10.1-2ubuntu0.3 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6062-1 CVE-2023-2004 Package Information: https://launchpad.net/ubuntu/+source/freetype/2.12.1+dfsg-4ubuntu0.1 https://launchpad.net/ubuntu/+source/freetype/2.12.1+dfsg-3ubuntu0.1 https://launchpad.net/ubuntu/+source/freetype/2.11.1+dfsg-1ubuntu0.2 https://launchpad.net/ubuntu/+source/freetype/2.10.1-2ubuntu0.3 . A FreeType vulnerability in Ubuntu can lead to crashes or execution of arbitrary code via malformed font files. Immediate updates are necessary!. FreeType Vulnerability, Ubuntu 2023, Security Patch, Remote Code Execution, Font File Issue. . Severity: Critical. LinuxSecurity.comTeam

May 09, 2023 •Critical Ubuntu

security advisoryFedoraCVE fix

Fedora 35: FEDORA-2022-7ce9378e90 Critical: Font Security Fix

- put the font back in /boot for now Yes, this bloats size by a couple meg. Hopefully this won't cause problems for anyone and everyone can be okay with this CVE fix update. ---- - Adjust the way we provide unicode.pf2 for post-CVE lockdown policy ---- Two font-related CVE updates (CVE-2022-2601 and CVE-2022-3775). For more information, see [upstream's. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-7ce9378e90 2022-12-01 01:38:10.541221 --------------------------------------------------------------------------------Name : grub2 Product : Fedora 35 Version : 2.06 Release : 14.fc35 URL : Summary : Bootloader with support for Linux, Multiboot and more Description : The GRand Unified Bootloader (GRUB) is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices. --------------------------------------------------------------------------------Update Information: - put the font back in /boot for now Yes, this bloats size by a couple meg. Hopefully this won't cause problems for anyone and everyone can be okay with this CVE fix update. ---- - Adjust the way we provide unicode.pf2 for post-CVE lockdown policy ---- Two font-related CVE updates (CVE-2022-2601 and CVE-2022-3775). For more information, see [upstream's disclosure]() or the patches themselves. --------------------------------------------------------------------------------ChangeLog: * Wed Nov 23 2022 Robbie Harwood - 2.06-14 - Put the font in /boot again because lorax is PTO * Tue Nov 22 2022 Robbie Harwood - 2.06-13 - Bundle unicode.pf2 with images - Resolves: #2143725 - Resolves: #2144113 * Tue Nov 15 2022 Robbie Harwood - 2.06-12 - Font fixes (CVE-2022-2601 batch) --------------------------------------------------------------------------------References: [ 1 ] Bug #2143725 -2.06-55.fc36 secure boot problem (non-latin1 characters broken) https://bugzilla.redhat.com/show_bug.cgi?id=2143725 [ 2 ] Bug #2144113 - Latest grub2 breaks gfxterm https://bugzilla.redhat.com/show_bug.cgi?id=2144113 [ 3 ] Bug #2146545 - Latest grub2 build drops unicode.pf2 , which breaks multiple critical image composes https://bugzilla.redhat.com/show_bug.cgi?id=2146545 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-7ce9378e90' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Keep up to date regarding the recent grub2 update from Fedora, which tackles font-associated CVE vulnerabilities, all while optimizing system stability and safeguarding security.. Fedora Grub2 Patch, Font Security Fix, Linux Bootloader Update. . Severity: Critical. LinuxSecurity.com Team

Nov 30, 2022 •Critical Fedora

security advisoryFedoracritical update

Fedora 36: FEDORA-2022-f86e203baf Critical Font Issues Fix

- put the font back in /boot for now Yes, this bloats size by a couple meg. Hopefully this won't cause problems for anyone and everyone can be okay with this CVE fix update. ---- - Adjust the way we provide unicode.pf2 for post-CVE lockdown policy ---- Two font-related CVE updates (CVE-2022-2601 and CVE-2022-3775). For more information, see [upstream's. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-f86e203baf 2022-11-27 01:34:47.759118 --------------------------------------------------------------------------------Name : grub2 Product : Fedora 36 Version : 2.06 Release : 57.fc36 URL : Summary : Bootloader with support for Linux, Multiboot and more Description : The GRand Unified Bootloader (GRUB) is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices. --------------------------------------------------------------------------------Update Information: - put the font back in /boot for now Yes, this bloats size by a couple meg. Hopefully this won't cause problems for anyone and everyone can be okay with this CVE fix update. ---- - Adjust the way we provide unicode.pf2 for post-CVE lockdown policy ---- Two font-related CVE updates (CVE-2022-2601 and CVE-2022-3775). For more information, see [upstream's disclosure]() or the patches themselves. --------------------------------------------------------------------------------ChangeLog: * Wed Nov 23 2022 Robbie Harwood - 2.06-57 - Temporarily restore the font because everything is pain * Tue Nov 22 2022 Robbie Harwood - 2.06-56 - Bundle unicode.pf2 with images - Resolves: #2143725 - Resolves: #2144113 * Tue Nov 15 2022 Robbie Harwood - 2.06-55 - Font fixes (CVE-2022-2601 batch) --------------------------------------------------------------------------------References: [ 1 ] Bug#2143725 - 2.06-55.fc36 secure boot problem (non-latin1 characters broken) https://bugzilla.redhat.com/show_bug.cgi?id=2143725 [ 2 ] Bug #2144113 - Latest grub2 breaks gfxterm https://bugzilla.redhat.com/show_bug.cgi?id=2144113 [ 3 ] Bug #2146545 - Latest grub2 build drops unicode.pf2 , which breaks multiple critical image composes https://bugzilla.redhat.com/show_bug.cgi?id=2146545 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-f86e203baf' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Essential Debian patch resolves display problems in GRUB2 linked to CVE risks. Fortify system integrity and performance.. Fedora Grub2 Update, Linux Security Patch, Font Issue Resolution, CVE Fix for Grub2. . Severity: Critical. LinuxSecurity.com Team

Nov 26, 2022 •Critical Fedora

security advisorydebiancritical threat

Debian: DSA-3523-1 Critical: Iceweasel Font Issue Resolved

This update disables the Graphite font shaping library in Iceweasel, Debian's version of the Mozilla Firefox web browser. For the oldstable distribution (wheezy), this problem has been fixed . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3523-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff March 20, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : iceweasel CVE ID : not available This update disables the Graphite font shaping library in Iceweasel, Debian's version of the Mozilla Firefox web browser. For the oldstable distribution (wheezy), this problem has been fixed in version 38.7.1esr-1~deb7u1. For the stable distribution (jessie), this problem has been fixed in version 38.7.1esr-1~deb8u1. For the unstable distribution (sid), this problem has been fixed in version 45.0.1esr-1 of the firefox-esr source package. We recommend that you upgrade your iceweasel packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . The recent patch for Iceweasel has removed support for the Graphite font shaping library to bolster security measures across Debian platforms.. Debian Security Advisory, Iceweasel Update, Browser Security Fix. . Severity: Critical. LinuxSecurity.com Team

Mar 20, 2016 •Critical Debian

security advisoryhigh severityUbuntu

Ubuntu 11.10: 1335-1 High: t1lib Malformed Font Crash Risk

t1lib could be made to crash or run programs as your login if it opened a specially crafted font file.. =========================================================================Ubuntu Security Notice USN-1335-1 January 19, 2012 t1lib vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: t1lib could be made to crash or run programs as your login if it opened a specially crafted font file. Software Description: - t1lib: Type 1 font rasterizer library - runtime Details: Jon Larimer discovered that t1lib did not properly parse AFM fonts. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash or possibly execute arbitrary code with user privileges. (CVE-2010-2642, CVE-2011-0433) Jonathan Brossard discovered that t1lib did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash. (CVE-2011-1552, CVE-2011-1553, CVE-2011-1554) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: libt1-5 5.1.2-3ubuntu0.11.10.2 Ubuntu 11.04: libt1-5 5.1.2-3ubuntu0.11.04.2 Ubuntu 10.10: libt1-5 5.1.2-3ubuntu0.10.10.2 Ubuntu 10.04 LTS: libt1-5 5.1.2-3ubuntu0.10.04.2 In general, a standard system update will make all the necessary changes. References: CVE-2010-2642, CVE-2011-0433, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554 Package Information: https://launchpad.net/ubuntu/+source/t1lib/5.1.2-3ubuntu0.11.10.2 https://launchpad.net/ubuntu/+source/t1lib/5.1.2-3ubuntu0.11.04.2 https://launchpad.net/ubuntu/+source/t1lib/5.1.2-3ubuntu0.10.10.2 https://launchpad.net/ubuntu/+source/t1lib/5.1.2-3ubuntu0.10.04.2 . t1lib weaknesses present in Ubuntu may enable system crashes or running of unauthorized applications. It is advisable to perform an update for enhanced security.. t1lib Security, Ubuntu Update, Font Exploit, Software Patch. . LinuxSecurity.com Team

Jan 19, 2012 Ubuntu

security advisorysoftware updateUbuntu

Ubuntu 6.06-7.10 USN-550-3 Critical: Libcairo Font Rendering Fix

USN-550-1 fixed vulnerabilities in Cairo. A bug in font glyph rendering was uncovered as a result of the new memory allocation routines. In certain situations, fonts containing characters with no width or height would not render any more. This update fixes the problem. We apologize for the inconvenience. . =========================================================== Ubuntu Security Notice USN-550-3 December 13, 2007 libcairo regression https://bugs.launchpad.net/ubuntu/+source/libcairo/+bug/175573 ========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libcairo2 1.0.4-0ubuntu1.2 Ubuntu 6.10: libcairo2 1.2.4-1ubuntu2.2 Ubuntu 7.04: libcairo2 1.4.2-0ubuntu1.3 Ubuntu 7.10: libcairo2 1.4.10-1ubuntu4.4 After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: USN-550-1 fixed vulnerabilities in Cairo. A bug in font glyph rendering was uncovered as a result of the new memory allocation routines. In certain situations, fonts containing characters with no width or height would not render any more. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with user privileges. Updated packages for Ubuntu 6.06 LTS: Source archives: Size/MD5: 21759 e41fe630a06c82f9a7f977ace3b72098 Size/MD5: 7586c51cf24a74fedd37809e4cc1a7b2f9d Size/MD5: 1475777 9002b0e69b3f94831a22d3f2a7735ce2 Architecture independent packages: Size/MD5: 249090 b47a8a55394e4d80991ee7e113a7319a amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 379432 db1755dd03cb6872c8812fb95a70fda6 Size/MD5: 325784 6aa35609e35bd3e585f9c2d8676c41ed i386 architecture (x86 compatible Intel/AMD): Size/MD5: 349960 c7e8786bf619a5b56ccdc52476495e23 Size/MD5: 306244 a8b8718de3cae9481c414f8f02ba5353 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 358940 13a0175de8bc77610a04cba052096d52 Size/MD5: 310650 e85d295192c6f6e519d20cd28688f173 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 345040 40d3cccf5874925daa67421ee0ab90dc Size/MD5: 300000 90be630d2e3fcaa03ba18169c5f7a40c Updated packages for Ubuntu 6.10: Source archives: Size/MD5: 25217 b27d11953aa5ffdb1820ebd03c18c701 Size/MD5: 896 6b639fbaa3718b35a0f51f23ac086788 Size/MD5: 2882781 1222b2bfdf113e2c92f66b3389659f2d Architecture independent packages: Size/MD5: 299434 a8124a9014a71d7586d9f4bb45ad1977 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 416962 a27dbbca13a988d71677e8ac099095ad Size/MD5: 356808 1cc7ed2a382a28f2957a307c40fb9d0a Size/MD5: 471606 c147c040284d2780e76a3ecc0bb7b19a Size/MD5: 395860 de175306f72fd05d9455d742ffa37e59 Size/MD5: 158538 42e94f99b1cccb1a95f9fc3cdb6cfa17 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 399782 f0c7f8196fd61e6b92a505c3261ed972 Size/MD5: 348336 c2914ccbbde0afd38d9118c4bdccd977 Size/MD5: 446514 8c1c1ee01f3becf3e461f25792c1d017 Size/MD5: 385636 2b838294cc98af8002ba7f449f3b548d Size/MD5: 150090 7a70e041387b1af79661c5aeff7202f6 powerpc architecture(Apple Macintosh G3/G4/G5): Size/MD5: 401070 34786d08cd917bd16e07cf225987a620 Size/MD5: 345396 a47e32ca6af8e3ad2790e361253a97f6 Size/MD5: 455332 50fb017f4eef8d65a6a6e2ebe757f1ea Size/MD5: 383174 61d2144a7d06c05683bcb92365aa8a9d Size/MD5: 146982 7d8afc1573aba11efb65584f7cd5f059 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 383912 c623fd762b477c37fcaa1ca2bcb18cf0 Size/MD5: 333300 3c780eaba574fbed0bcf1ace23f2df54 Size/MD5: 432132 ced7984d0cb0caf9652c4f75b521797e Size/MD5: 369110 e1a57ff50fa5719fbeef537c7cab2b8c Size/MD5: 135032 bb15b511c6ba0b5af0d393abf7c1574a Updated packages for Ubuntu 7.04: Source archives: Size/MD5: 29768 4a876d28110b1a3424f13da8203b156a Size/MD5: 980 60227257968f24dbd908b70cfd998a0a Size/MD5: 3081092 b254633046eafe603776d0bee791b751 Architecture independent packages: Size/MD5: 329292 5a2ef8b496d2b39e7c0a30f56a5ec4b2 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 515290 dc95d2e57e217895efad772edf0e2b78 Size/MD5: 430516 5283fd6ecfcbe75a8c6e7a0178074292 Size/MD5: 537344 c9a42b6ed850f3b2aebbb76ab06eee84 Size/MD5: 446332 9a87b277055410f469e38247e3fddc02 Size/MD5: 214120 928e936dd1345e82af7639a4e7f063cd i386 architecture (x86 compatible Intel/AMD): Size/MD5: 489076 b7e1ebf69179067c25fb6f30f5cf527e Size/MD5: 420370 dab0ec21be7bc7ff5dca987465f266aa Size/MD5: 508982 569e7c392ea3a3496891390bc9ee7165 Size/MD5: 435944 7bc22d4300415b54adbd0288c8821170 Size/MD5: 204148 ae40b67f9ea8d8103bdb15ae38645dbc powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 498570 11f55dc91143a6d0c23bdcf668ab8329 Size/MD5: 423184 843707e16edccb864293512f6b39c3b2 Size/MD5: 520668d56ec59cfb635d7be49f394b78e1cd48 Size/MD5: 439108 25879c0110630948fbb77a823be74a41 Size/MD5: 206988 ca62a53a772092f28e6b1f9fa824711a sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 472324 99f77ed05576732e8ee73d7d096fed44 Size/MD5: 402526 a8e53a33b1c4d3ee50bde4527a9cefc2 Size/MD5: 492546 43b46a92a315073d18cc951826ad4956 Size/MD5: 417468 6c85ab3d1c3bdb8499eb612c419b9739 Size/MD5: 186278 ef8b4a646415a911ff870b2a5b6e16ed Updated packages for Ubuntu 7.10: Source archives: Size/MD5: 36111 6c63566f300719be4da7a0bcac09075d Size/MD5: 1013 a988294356e56089f185f29bdcb5ae0d Size/MD5: 3216689 5598a5e500ad922e37b159dee72fc993 Architecture independent packages: Size/MD5: 407892 1e9ad8fa3de85f6f2f50f3278928f341 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 572456 992d9deed2678d330b6c0d254f775dae Size/MD5: 489386 dbe2ea733a7c072891269551aa7177ba Size/MD5: 633054 94340a3751ba5b35911a34b42d0b53c3 Size/MD5: 537180 ba458194ce4234a1e7735e34705c998d Size/MD5: 195868 d288b4d3a3feb119a20595ccec9cd6f8 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 546768 ce0e739d1d19d8fc29c88d72bbfa5b6c Size/MD5: 479970 798eb7fc786c5d0759215f462252c8df Size/MD5: 601468 ef0f0772ab913e8695b53dccb56494b6 Size/MD5: 524340 a418f4341d95ed191415b5d2365bd586 Size/MD5: 186454 8485e6b8030f52f62c6a905cab3352e1 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 555094 258ea4c57683624d80c8cb8e6c544b70 Size/MD5: 479242 e23bc3b619bc533d25eb9873bb6e68b4 Size/MD5: 614090 cd5520db5b878821d52ed13ad69747b7 Size/MD5: 528694 5416ec8f3f67c509fc52b3f01f22b96b Size/MD5: 186298 b6a9fd722001d6fcd0987b3a88503f99 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 543968 126b4d740f9ad684c6e47c286b87afc8 Size/MD5: 471474 e897822f36019d17501472bc9b6c4791 Size/MD5: 585030 c0cf996cb88ed74b0886f76ec35cc7b7 Size/MD5: 505554 f20daf037a08ad67b818c98ad7717bea Size/MD5: 177700 79888f6855ad4b9b64741c955b0581fd . Ubuntu Security Notification USN-551-4 addresses a serious vulnerability in libjpeg image processing library impacting several versions.. libcairo issue, Ubuntu update, security patch, font rendering, bug fix. . Severity: Critical. LinuxSecurity.com Team

Dec 12, 2007 •Critical Ubuntu

security advisoryFedora Corecritical update

Fedora Core 3: 2005-109 Critical: xpdf Font Handling Issue

Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. Xpdf is a small and efficient program which uses standard X fonts.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-109 2005-02-03 ---------------------------------------------------------------------Product : Fedora Core 3 Name : xpdf Version : 3.00 Release : 10.3 Summary : A PDF file viewer for the X Window System. Description : Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. Xpdf is a small and efficient program which uses standard X fonts. ---------------------------------------------------------------------* Wed Feb 02 2005 Than Ngo 1:3.00-10.3 - fix handling CID font encodings in freetype > = 2.1.8 (bug #135066, #143948) - set match as default psPaperSize #141131 - don't link against t1lib, use freetype2 for rendering ---------------------------------------------------------------------This update can be downloaded from: dd6ebd66287d70df740f755af5e9bab6 SRPMS/xpdf-3.00-10.3.src.rpm 143aeb1e914d70c808c0010d7c639b39 x86_64/xpdf-3.00-10.3.x86_64.rpm d5baffa0e91abc1fe8c8850aa243c331 x86_64/debug/xpdf-debuginfo-3.00-10.3.x86_64.rpm 02bad0e75c0a4dd4b208ba97089b0959 i386/xpdf-3.00-10.3.i386.rpm cecfadd59f5b6fac8172a10a60ce68a2 i386/debug/xpdf-debuginfo-3.00-10.3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. -----------------------------------------------------------------------fedora-announce-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . The latest xpdf update for Fedora Core 3 addresses font rendering problems and enhances the overall PDF reading experience.. PDF Viewer,Fedora,X Window System,Update Notification,Freetype Fix. . Severity: Critical. LinuxSecurity.com Team

Feb 03, 2005 •Critical Fedora

Community Poll

More Polls

Stay Secure with the Latest Linux Advisories

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Fedora 37: FEDORA-2023-c026222382 Critical: xrdp Font Issue

Ubuntu 23.04: USN-6062-1 Critical FreeType Arbitrary Code Execute

Fedora 35: FEDORA-2022-7ce9378e90 Critical: Font Security Fix

Fedora 36: FEDORA-2022-f86e203baf Critical Font Issues Fix

Debian: DSA-3523-1 Critical: Iceweasel Font Issue Resolved

Ubuntu 11.10: 1335-1 High: t1lib Malformed Font Crash Risk

Ubuntu 6.06-7.10 USN-550-3 Critical: Libcairo Font Rendering Fix

Fedora Core 3: 2005-109 Critical: xpdf Font Handling Issue

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!