GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Wed Jul 22, 2015 4:26 pm Post subject: [ GLSA 201507-21 ] libXfont |
 |
|
Gentoo Linux Security Advisory
Title: libXfont: Multiple vulnerabilities (GLSA 201507-21)
Severity: normal
Exploitable: remote
Date: July 22, 2015
Bug(s): #543620
ID: 201507-21
Synopsis
Multiple vulnerabilities have been found in libXfont, the worst of
which could result in execution of arbitrary code or Denial of Service.
Background
libXfont is an X11 font rasterisation library.
Affected Packages
Package: x11-libs/libXfont
Vulnerable: < 1.5.1
Unaffected: >= 1.4.9 < 1.4.10
Unaffected: >= 1.5.1
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in libXfont. Please review
the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code or cause a
Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All libXfont 1.4.x users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.4.9"
|
All libXfont 1.5.x users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.5.1"
|
References
CVE-2015-1802
CVE-2015-1803
CVE-2015-1804 |
|
News & Announcements
