Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in graphite2
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in graphite2
ID: FEDORA-2016-338a7e9925
Distribution: Fedora
Plattformen: Fedora 22
Datum: Di, 10. Mai 2016, 22:45
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1522

Originalnachricht

--===============7997161036627944078==
Content-Type: text/plain

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2016-338a7e9925
2016-05-10 11:43:00.964898
-------------------------------------------------------------------------------
-

Name : graphite2
Product : Fedora 22
Version : 1.3.6
Release : 1.fc22
URL : http://sourceforge.net/projects/silgraphite/
Summary : Font rendering capabilities for complex non-Roman writing systems
Description :
Graphite2 is a project within SIL’s Non-Roman Script Initiative and Language
Software Development groups to provide rendering capabilities for complex
non-Roman writing systems. Graphite can be used to create “smart fonts” capable
of displaying writing systems with various complex behaviors. With respect to
the Text Encoding Model, Graphite handles the "Rendering" aspect of
writing
system implementation.

-------------------------------------------------------------------------------
-
Update Information:

Unspecified security fixes ---- Security fix for CVE-2016-1521,
CVE-2016-1522,
CVE-2016-1523 and CVE-2016-1526
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1305806 - CVE-2016-1521 graphite2: Two out-of-bound read
vulnerabilities triggered by crafted fonts [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1305806
[ 2 ] Bug #1308591 - CVE-2016-1526 graphite2: Out-of-bounds read
vulnerability in TfUtil:LocaLookup [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1308591
[ 3 ] Bug #1305814 - CVE-2016-1523 graphite2: Heap-based buffer overflow in
context item handling functionality [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1305814
[ 4 ] Bug #1305811 - CVE-2016-1522 graphite2: Null pointer dereference and
out-of-bounds access vulnerabilities [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1305811
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update graphite2' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-

--===============7997161036627944078==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung