Sicherheit: Mehrere Probleme in graphite2 - Pro-Linux

--===============4100407241471923766==
Content-Type: text/plain

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2016-4154a4d0ba
2016-02-21 16:23:38.006893
-------------------------------------------------------------------------------
-

Name        : graphite2
Product     : Fedora 23
Version     : 1.3.5
Release     : 1.fc23
URL         : http://sourceforge.net/projects/silgraphite/
Summary     : Font rendering capabilities for complex non-Roman writing systems
Description :
Graphite2 is a project within SIL’s Non-Roman Script Initiative and Language
Software Development groups to provide rendering capabilities for complex
non-Roman writing systems. Graphite can be used to create “smart fonts” capable
of displaying writing systems with various complex behaviors. With respect to
the Text Encoding Model, Graphite handles the "Rendering" aspect of
 writing
system implementation.

-------------------------------------------------------------------------------
-
Update Information:

Security fix for CVE-2016-1521, CVE-2016-1522, CVE-2016-1523 and CVE-2016-1526
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #1305806 - CVE-2016-1521 graphite2: Two out-of-bound read
 vulnerabilities triggered by crafted fonts [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1305806
  [ 2 ] Bug #1308591 - CVE-2016-1526 graphite2: Out-of-bounds read
 vulnerability in TfUtil:LocaLookup [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1308591
  [ 3 ] Bug #1305814 - CVE-2016-1523 graphite2: Heap-based buffer overflow in
 context item handling functionality [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1305814
  [ 4 ] Bug #1305811 - CVE-2016-1522 graphite2: Null pointer dereference and
 out-of-bounds access vulnerabilities [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1305811
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update graphite2' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-

--===============4100407241471923766==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce