Synopsis: Important: graphite2 security update
Advisory ID: SLSA-2017:1793-1
Issue Date: 2017-07-21
CVE Numbers: CVE-2017-7778
CVE-2017-7771
CVE-2017-7772
CVE-2017-7773
CVE-2017-7774
CVE-2017-7775
CVE-2017-7776
CVE-2017-7777
—
The following packages have been upgraded to a newer upstream version:
graphite2 (1.3.10).
Security Fix(es):
* Various vulnerabilities have been discovered in Graphite2. An attacker
able to trick an unsuspecting user into opening specially crafted font
files in an application using Graphite2 could exploit these flaws to
disclose potentially sensitive memory, cause an application crash, or,
possibly, execute arbitrary code. (CVE-2017-7771, CVE-2017-7772,
CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777,
CVE-2017-7778)
—
SL7
x86_64
graphite2-1.3.10-1.el7_3.i686.rpm
graphite2-1.3.10-1.el7_3.x86_64.rpm
graphite2-debuginfo-1.3.10-1.el7_3.i686.rpm
graphite2-debuginfo-1.3.10-1.el7_3.x86_64.rpm
graphite2-devel-1.3.10-1.el7_3.i686.rpm
graphite2-devel-1.3.10-1.el7_3.x86_64.rpm
– Scientific Linux Development Team
