Synopsis: Important: libXfont security update
Advisory ID: SLSA-2015:1708-1
Issue Date: 2015-09-03
CVE Numbers: CVE-2015-1802
CVE-2015-1803
CVE-2015-1804
—
An integer overflow flaw was found in the way libXfont processed certain
Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local user
could use this flaw to crash the X.Org server or, potentially, execute
arbitrary code with the privileges of the X.Org server. (CVE-2015-1802)
An integer truncation flaw was discovered in the way libXfont processed
certain Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local
user could use this flaw to crash the X.Org server or, potentially,
execute arbitrary code with the privileges of the X.Org server.
(CVE-2015-1804)
A NULL pointer dereference flaw was discovered in the way libXfont
processed certain Glyph Bitmap Distribution Format (BDF) fonts. A
malicious, local user could use this flaw to crash the X.Org server.
(CVE-2015-1803)
—
SL6
x86_64
libXfont-1.4.5-5.el6_7.x86_64.rpm
libXfont-debuginfo-1.4.5-5.el6_7.x86_64.rpm
libXfont-1.4.5-5.el6_7.i686.rpm
libXfont-debuginfo-1.4.5-5.el6_7.i686.rpm
libXfont-devel-1.4.5-5.el6_7.i686.rpm
libXfont-devel-1.4.5-5.el6_7.x86_64.rpm
i386
libXfont-1.4.5-5.el6_7.i686.rpm
libXfont-debuginfo-1.4.5-5.el6_7.i686.rpm
libXfont-devel-1.4.5-5.el6_7.i686.rpm
SL7
x86_64
libXfont-1.4.7-3.el7_1.i686.rpm
libXfont-1.4.7-3.el7_1.x86_64.rpm
libXfont-debuginfo-1.4.7-3.el7_1.i686.rpm
libXfont-debuginfo-1.4.7-3.el7_1.x86_64.rpm
libXfont-devel-1.4.7-3.el7_1.i686.rpm
libXfont-devel-1.4.7-3.el7_1.x86_64.rpm
– Scientific Linux Development Team
