Synopsis: Important: graphite2 security, bug fix, and
Advisory ID: SLSA-2016:0594-1
Issue Date: 2016-04-06
CVE Numbers: CVE-2016-1521
CVE-2016-1522
CVE-2016-1523
CVE-2016-1526
—
The following packages have been upgraded to a newer upstream version:
graphite2 (1.3.6).
Security Fix(es):
* Various vulnerabilities have been discovered in Graphite2. An attacker
able to trick an unsuspecting user into opening specially crafted font
files in an application using Graphite2 could exploit these flaws to cause
the application to crash or, potentially, execute arbitrary code with the
privileges of the application. (CVE-2016-1521, CVE-2016-1522,
CVE-2016-1523, CVE-2016-1526)
—
SL7
x86_64
graphite2-1.3.6-1.el7_2.i686.rpm
graphite2-1.3.6-1.el7_2.x86_64.rpm
graphite2-debuginfo-1.3.6-1.el7_2.i686.rpm
graphite2-debuginfo-1.3.6-1.el7_2.x86_64.rpm
graphite2-devel-1.3.6-1.el7_2.i686.rpm
graphite2-devel-1.3.6-1.el7_2.x86_64.rpm
– Scientific Linux Development Team
