SUSE Security Update: Security update for libgxps
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:1687-1
Rating:             moderate
References:         #1092125
Cross-References:   CVE-2018-10733
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP5
                    SUSE Linux Enterprise Software Development Kit 12-SP4
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Server 12-SP4
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for libgxps fixes the following issues:

- CVE-2018-10733: Fixed a heap-based buffer over-read issue in ft_font_face_hash (bsc#1092125).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 12-SP5:

     zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-1687=1

- SUSE Linux Enterprise Software Development Kit 12-SP4:

     zypper in -t patch SUSE-SLE-SDK-12-SP4-2020-1687=1

- SUSE Linux Enterprise Server 12-SP5:

     zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1687=1

- SUSE Linux Enterprise Server 12-SP4:

     zypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1687=1

Package List:

- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):

     libgxps-debugsource-0.2.2-10.3.5
     libgxps-devel-0.2.2-10.3.5
     typelib-1_0-GXPS-0_1-0.2.2-10.3.5

- SUSE Linux Enterprise Software Development Kit 12-SP4 (aarch64 ppc64le s390x x86_64):

     libgxps-debugsource-0.2.2-10.3.5
     libgxps-devel-0.2.2-10.3.5
     typelib-1_0-GXPS-0_1-0.2.2-10.3.5

- SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):

     libgxps-debugsource-0.2.2-10.3.5
     libgxps2-0.2.2-10.3.5
     libgxps2-debuginfo-0.2.2-10.3.5

- SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64):

     libgxps-debugsource-0.2.2-10.3.5
     libgxps2-0.2.2-10.3.5
     libgxps2-debuginfo-0.2.2-10.3.5

References:

   https://www.suse.com/security/cve/CVE-2018-10733.html
   https://bugzilla.suse.com/1092125

_______________________________________________
sle-security-updates mailing list

openSUSE Security Update: Security update for libgxps
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:1120-1
Rating:             moderate
References:         #1092125
Cross-References:   CVE-2018-10733
Affected Products:
                    openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for libgxps fixes the following issues:

- CVE-2018-10733: Fixed a heap-based buffer over-read issue in ft_font_face_hash (bsc#1092125).

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

     zypper in -t patch openSUSE-2019-1120=1

Package List:

- openSUSE Leap 15.0 (x86_64):

     libgxps-debuginfo-0.3.0-lp150.3.3.2
     libgxps-debugsource-0.3.0-lp150.3.3.2
     libgxps-devel-0.3.0-lp150.3.3.2
     libgxps-tools-0.3.0-lp150.3.3.2
     libgxps-tools-debuginfo-0.3.0-lp150.3.3.2
     libgxps2-0.3.0-lp150.3.3.2
     libgxps2-debuginfo-0.3.0-lp150.3.3.2
     typelib-1_0-GXPS-0_1-0.3.0-lp150.3.3.2

References:

   https://www.suse.com/security/cve/CVE-2018-10733.html
   https://bugzilla.suse.com/1092125

SUSE Security Update: Security update for libgxps
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:0720-1
Rating:             moderate
References:         #1092125
Cross-References:   CVE-2018-10733
Affected Products:
                    SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
                    SUSE Linux Enterprise Module for Desktop Applications 15
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for libgxps fixes the following issues:

- CVE-2018-10733: Fixed a heap-based buffer over-read issue in ft_font_face_hash (bsc#1092125).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:

     zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-720=1

- SUSE Linux Enterprise Module for Desktop Applications 15:

     zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2019-720=1

Package List:

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64):

     libgxps-debuginfo-0.3.0-4.3.29
     libgxps-debugsource-0.3.0-4.3.29
     libgxps-tools-0.3.0-4.3.29
     libgxps-tools-debuginfo-0.3.0-4.3.29

- SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le s390x x86_64):

     libgxps-debuginfo-0.3.0-4.3.29
     libgxps-debugsource-0.3.0-4.3.29
     libgxps-devel-0.3.0-4.3.29
     libgxps2-0.3.0-4.3.29
     libgxps2-debuginfo-0.3.0-4.3.29
     typelib-1_0-GXPS-0_1-0.3.0-4.3.29

References:

   https://www.suse.com/security/cve/CVE-2018-10733.html
   https://bugzilla.suse.com/1092125

_______________________________________________
sle-security-updates mailing list

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-8e9789a629
2019-01-10 08:21:16.701820
--------------------------------------------------------------------------------

Name        : libgxps
Product     : Fedora 29
Version     : 0.3.1
Release     : 1.fc29
URL         : https://wiki.gnome.org/Projects/libgxps
Summary     : GObject based library for handling and rendering XPS documents
Description :
libgxps is a GObject based library for handling and rendering XPS documents.

--------------------------------------------------------------------------------
Update Information:

libgxps 0.3.1 release.

- Fix font scaling when converting xps to pdf
- Handle errors returned by archive_read_data in GXPSArchive
- Ensure gxps_archive_read_entry() fills the GError in case of failure
- Make the pdf generated by xpstopdf to be 96 dpi
- Fix OUTPUT FILE description in man pages
- Clear the GError before trying to load an image again in gxps_images_get_image()
- Fix integer overflow in png decoder

--------------------------------------------------------------------------------
ChangeLog:

* Sat Jan 5 2019 Kalev Lember - 0.3.1-1
- Update to 0.3.1
- Fix gtk-doc and gir directory ownership

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1576176 - CVE-2018-10767 libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1576176

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-8e9789a629' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/

--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

MGASA-2019-0003 - Updated libgxps packages fix security vulnerabilities

Publication date: 05 Jan 2019
URL: https://advisories.mageia.org/MGASA-2019-0003.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2018-10733

A flaw was found in libgxps through 0.3.0. There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c. A crafted input will lead to a remote denial of service attack (CVE-2018-10733).

An integer overflow flaw exists within the "gxps_images_create_from_png()" function in libgxps/gxps-images.c. An attacker can exploit this flaw to cause a heap-based buffer overflow by tricking a user into opening a specially crafted XPS document in an application using libgxps (rhbz#1524378).

References:

- https://bugs.mageia.org/show_bug.cgi?id=23128
- https://lists.fedoraproject.org/archives/list/

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-da33a74b32
2018-07-01 01:33:28.643385
--------------------------------------------------------------------------------

Name        : libgxps
Product     : Fedora 27
Version     : 0.3.0
Release     : 5.fc27
URL         : https://wiki.gnome.org/Projects/libgxps
Summary     : GObject based library for handling and rendering XPS documents
Description :
libgxps is a GObject based library for handling and rendering XPS documents.

--------------------------------------------------------------------------------
Update Information:

Fix integer overflow

--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 14 2018 Tom Hughes - 0.3.0-5
- Add patch for integer overflow
* Tue May 8 2018 Tom Hughes - 0.3.0-4
- Add patch for CVE-2018-10733
* Wed Feb 7 2018 Fedora Release Engineering - 0.3.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Tue Jan 30 2018 Tom Hughes - 0.3.0-2
- Drop ldconfig scriptlets

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1591132 - libgxps: integer overflow when loading XPS documents containing specially crafted PNG files [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1591132

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-da33a74b32' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/

--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-6d87dc56e0
2018-06-26 17:32:29.057578
--------------------------------------------------------------------------------

Name        : libgxps
Product     : Fedora 28
Version     : 0.3.0
Release     : 5.fc28
URL         : https://wiki.gnome.org/Projects/libgxps
Summary     : GObject based library for handling and rendering XPS documents
Description :
libgxps is a GObject based library for handling and rendering XPS documents.

--------------------------------------------------------------------------------
Update Information:

Fix integer overflow

--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 14 2018 Tom Hughes - 0.3.0-5
- Add patch for integer overflow
* Tue May 8 2018 Tom Hughes - 0.3.0-4
- Add patch for CVE-2018-10733

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1591132 - libgxps: integer overflow when loading XPS documents containing specially crafted PNG files [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1591132

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-6d87dc56e0' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at

--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list