ELSA-2014-1870

ELSA-2014-1870 - libXfont security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2014-11-18

Description


[1.4.5-4]
- CVE-2014-0209: integer overflow of allocations in font metadata file parsing (bug 1163602, bug 1163601)
- CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies (bug 1163602, bug 1163601)
- CVE-2014-0211: integer overflows calculating memory needs for xfs replies (bug 1163602, bug 1163601)


Related CVEs


CVE-2014-0209
CVE-2014-0210
CVE-2014-0211

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) libXfont-1.4.5-4.el6_6.src.rpm0e3b668b135be0da2007d7c67b413041ELBA-2016-0736
libXfont-1.4.5-4.el6_6.i686.rpmb1bca626601821dac556faae44fe957aELBA-2016-0736
libXfont-devel-1.4.5-4.el6_6.i686.rpm0fed8f932189da99d0cc87b8aaded2c2ELBA-2016-0736
Oracle Linux 6 (x86_64) libXfont-1.4.5-4.el6_6.src.rpm0e3b668b135be0da2007d7c67b413041ELBA-2016-0736
libXfont-1.4.5-4.el6_6.i686.rpmb1bca626601821dac556faae44fe957aELBA-2016-0736
libXfont-1.4.5-4.el6_6.x86_64.rpm3e0891ce0154c296017b4e03f91dc075ELBA-2016-0736
libXfont-devel-1.4.5-4.el6_6.i686.rpm0fed8f932189da99d0cc87b8aaded2c2ELBA-2016-0736
libXfont-devel-1.4.5-4.el6_6.x86_64.rpm914de5921479a674441c3dac0ae7246cELBA-2016-0736
Oracle Linux 7 (x86_64) libXfont-1.4.7-2.el7_0.src.rpm2f3013c724d874240c52f2ffb7f6586bELSA-2018-3059
libXfont-1.4.7-2.el7_0.i686.rpm40d9551e625f5d2950dd50d6782a61adELSA-2018-3059
libXfont-1.4.7-2.el7_0.x86_64.rpm1a3fe5ebda5853a08ce47cfc944cc869ELSA-2018-3059
libXfont-devel-1.4.7-2.el7_0.i686.rpmf8ff676c0365591f4e474ba68a38ddeeELSA-2018-3059
libXfont-devel-1.4.7-2.el7_0.x86_64.rpmb61606065907299e9c25146b0dad6631ELSA-2018-3059



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete