drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in libxfont
Name: |
Pufferüberlauf in libxfont |
|
ID: |
MDVSA-2014:013 |
|
Distribution: |
Mandriva |
|
Plattformen: |
Mandriva Enterprise Server 5.0, Mandriva Business Server 1.0 |
|
Datum: |
Di, 21. Januar 2014, 14:43 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462 |
|
Applikationen: |
X11 |
|
Originalnachricht |
This is a multi-part message in MIME format...
------------=_1390308680-2618-78
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2014:013 http://www.mandriva.com/en/support/security/ _______________________________________________________________________
Package : libxfont Date : January 21, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 _______________________________________________________________________
Problem Description:
A vulnerability has been discovered and corrected in libxfont: Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file (CVE-2013-6462). The updated packages have been patched to correct this issue. _______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462 _______________________________________________________________________
Updated Packages:
Mandriva Enterprise Server 5: 21ddd5d021a3721894d8e91769e665e1 mes5/i586/libxfont1-1.3.3-1.2mdvmes5.2.i586.rpm 7279ba4ef6c459df5526e8fd47f8b546 mes5/i586/libxfont1-devel-1.3.3-1.2mdvmes5.2.i586.rpm e57c2ac9880cacb6a8c5555de20242a8 mes5/i586/libxfont1-static-devel-1.3.3-1.2mdvmes5.2.i586.rpm 5c5414a45107d891f13b3694b853bb24 mes5/SRPMS/libxfont-1.3.3-1.2mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64: 7bcfca76e624e2fa6856425fe341759b mes5/x86_64/lib64xfont1-1.3.3-1.2mdvmes5.2.x86_64.rpm 9da93243f5c64b958a49716d014598f6 mes5/x86_64/lib64xfont1-devel-1.3.3-1.2mdvmes5.2.x86_64.rpm 9246fa2da72cfdc0632b71d133dedb12 mes5/x86_64/lib64xfont1-static-devel-1.3.3-1.2mdvmes5.2.x86_64.rpm 5c5414a45107d891f13b3694b853bb24 mes5/SRPMS/libxfont-1.3.3-1.2mdvmes5.2.src.rpm
Mandriva Business Server 1/X86_64: 8987c8fe13c56daf372157d7af320fa6 mbs1/x86_64/lib64xfont1-1.4.5-2.1.mbs1.x86_64.rpm 5e0a2e81d72fdc0acb4d9cd6ebc102c2 mbs1/x86_64/lib64xfont1-devel-1.4.5-2.1.mbs1.x86_64.rpm aeae88972fbbc4f41cd1540c05506661 mbs1/x86_64/lib64xfont1-static-devel-1.4.5-2.1.mbs1.x86_64.rpm f3e0098239e7e631e0419d302598dacd mbs1/SRPMS/libxfont-1.4.5-2.1.mbs1.src.rpm _______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com _______________________________________________________________________
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFS3kCRmqjQ0CJFipgRApmUAJ9LaGz9/zzlykfhq9zAaX+QFDjAAACfegxP KTaV2JDJGCb6clUQC2tY3Tw= =xAAU -----END PGP SIGNATURE-----
------------=_1390308680-2618-78 Content-Type: text/plain; charset="UTF-8"; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit
To unsubscribe, send a email to sympa@mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://store.mandriva.com _______________________________________________________
------------=_1390308680-2618-78--
|
|
|
|