libXfont security update

ID CESA-2008:0064
Type centos
Reporter CentOS Project
Modified 2008-01-18T23:25:10


CentOS Errata and Security Advisory CESA-2008:0064

The libXfont package contains the X.Org X11 libXfont runtime library.

A heap based buffer overflow flaw was found in the way the X.Org server handled malformed font files. A malicious local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2008-0006)

Users of X.Org libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue.

Merged security bulletin from advisories:

Affected packages: libXfont libXfont-devel

Upstream details at: