ELSA-2014-1893

ULN >
Oracle Linux Errata repository >
ELSA-2014-1893

ELSA-2014-1893 - libXfont security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2014-11-24

Description

[1.2.2-1.0.6]
- CVE-2014-0209: integer overflow of allocations in font metadata file parsing (bug 1163602, bug 1163601)
- CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies (bug 1163602, bug 1163601)
- CVE-2014-0211: integer overflows calculating memory needs for xfs replies (bug 1163602, bug 1163601)

Related CVEs

CVE-2014-0209

CVE-2014-0210

CVE-2014-0211

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 5 (i386)	libXfont-1.2.2-1.0.6.el5_11.src.rpm	f1bb462e05e3ed17cf96ba20495f2887	-
	libXfont-1.2.2-1.0.6.el5_11.i386.rpm	423dce210f3368f65ff6667709904156	-
	libXfont-devel-1.2.2-1.0.6.el5_11.i386.rpm	a04f9246111fff0d186a9ef1b543ac91	-

Oracle Linux 5 (ia64)	libXfont-1.2.2-1.0.6.el5_11.src.rpm	f1bb462e05e3ed17cf96ba20495f2887	-
	libXfont-1.2.2-1.0.6.el5_11.ia64.rpm	5fe8e5909cbad317b613992aac10bd49	-
	libXfont-devel-1.2.2-1.0.6.el5_11.ia64.rpm	ce7be987ebf50400ff74ea41528f708a	-

Oracle Linux 5 (x86_64)	libXfont-1.2.2-1.0.6.el5_11.src.rpm	f1bb462e05e3ed17cf96ba20495f2887	-
	libXfont-1.2.2-1.0.6.el5_11.i386.rpm	423dce210f3368f65ff6667709904156	-
	libXfont-1.2.2-1.0.6.el5_11.x86_64.rpm	0a970584a7d3e4ceb83167a905c63fac	-
	libXfont-devel-1.2.2-1.0.6.el5_11.i386.rpm	a04f9246111fff0d186a9ef1b543ac91	-
	libXfont-devel-1.2.2-1.0.6.el5_11.x86_64.rpm	e34e2dcc685d4c8282f3c53441f1f74c	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691