CentOS Errata and Security Advisory CESA-2013:0687
Pixman is a pixel manipulation library for the X Window System and Cairo.
An integer overflow flaw was discovered in one of pixman’s manipulation
routines. If a remote attacker could trick an application using pixman into
performing a certain manipulation, it could cause the application to crash
or, possibly, execute arbitrary code with the privileges of the user
running the application. (CVE-2013-1591)
Users are advised to upgrade to these updated packages, which contain
a backported patch to correct this issue. All applications using
pixman must be restarted for this update to take effect.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2013-March/081832.html
Affected packages:
pixman
pixman-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2013:0687
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | i686 | pixman | < 0.26.2-5.el6_4 | pixman-0.26.2-5.el6_4.i686.rpm |
CentOS | 6 | i686 | pixman-devel | < 0.26.2-5.el6_4 | pixman-devel-0.26.2-5.el6_4.i686.rpm |
CentOS | 6 | i686 | pixman | < 0.26.2-5.el6_4 | pixman-0.26.2-5.el6_4.i686.rpm |
CentOS | 6 | x86_64 | pixman | < 0.26.2-5.el6_4 | pixman-0.26.2-5.el6_4.x86_64.rpm |
CentOS | 6 | i686 | pixman-devel | < 0.26.2-5.el6_4 | pixman-devel-0.26.2-5.el6_4.i686.rpm |
CentOS | 6 | x86_64 | pixman-devel | < 0.26.2-5.el6_4 | pixman-devel-0.26.2-5.el6_4.x86_64.rpm |