[go: up one dir, main page]
|
|
Log in / Subscribe / Register

Oracle alert ELSA-2014-1870 (libXfont)



From:
    	      Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> 


To:
    	      el-errata@oss.oracle.com 


Subject:
    	      [El-errata] ELSA-2014-1870 Important: Oracle Linux 6 libXfont security update 


Date:
    	      Thu, 20 Nov 2014 06:16:56 -0800


Message-ID:
    	      <546DF7D8.1040809@oracle.com>


Oracle Linux Security Advisory ELSA-2014-1870

https://rhn.redhat.com/errata/RHSA-2014-1870.html


The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
libXfont-1.4.5-4.el6_6.i686.rpm
libXfont-devel-1.4.5-4.el6_6.i686.rpm

x86_64:
libXfont-1.4.5-4.el6_6.i686.rpm
libXfont-1.4.5-4.el6_6.x86_64.rpm
libXfont-devel-1.4.5-4.el6_6.i686.rpm
libXfont-devel-1.4.5-4.el6_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/libXfont-1.4.5-4....



Description of changes:

[1.4.5-4]
- CVE-2014-0209: integer overflow of allocations in font metadata file 
parsing (bug 1163602, bug 1163601)
- CVE-2014-0210: unvalidated length fields when parsing xfs protocol 
replies (bug 1163602, bug 1163601)
- CVE-2014-0211: integer overflows calculating memory needs for xfs 
replies (bug 1163602, bug 1163601)


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds