CentOS Errata and Security Advisory CESA-2015:1708
The libXfont package provides the X.Org libXfont runtime library. X.Org is
an open source implementation of the X Window System.
An integer overflow flaw was found in the way libXfont processed certain
Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local user could
use this flaw to crash the X.Org server or, potentially, execute arbitrary
code with the privileges of the X.Org server. (CVE-2015-1802)
An integer truncation flaw was discovered in the way libXfont processed
certain Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local
user could use this flaw to crash the X.Org server or, potentially, execute
arbitrary code with the privileges of the X.Org server. (CVE-2015-1804)
A NULL pointer dereference flaw was discovered in the way libXfont
processed certain Glyph Bitmap Distribution Format (BDF) fonts.
A malicious, local user could use this flaw to crash the X.Org server.
(CVE-2015-1803)
All libXfont users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2015-September/083530.html
https://lists.centos.org/pipermail/centos-announce/2015-September/083533.html
Affected packages:
libXfont
libXfont-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2015:1708
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | i686 | libxfont | < 1.4.5-5.el6_7 | libXfont-1.4.5-5.el6_7.i686.rpm |
CentOS | 6 | i686 | libxfont-devel | < 1.4.5-5.el6_7 | libXfont-devel-1.4.5-5.el6_7.i686.rpm |
CentOS | 6 | i686 | libxfont | < 1.4.5-5.el6_7 | libXfont-1.4.5-5.el6_7.i686.rpm |
CentOS | 6 | x86_64 | libxfont | < 1.4.5-5.el6_7 | libXfont-1.4.5-5.el6_7.x86_64.rpm |
CentOS | 6 | i686 | libxfont-devel | < 1.4.5-5.el6_7 | libXfont-devel-1.4.5-5.el6_7.i686.rpm |
CentOS | 6 | x86_64 | libxfont-devel | < 1.4.5-5.el6_7 | libXfont-devel-1.4.5-5.el6_7.x86_64.rpm |
CentOS | 7 | i686 | libxfont | < 1.4.7-3.el7_1 | libXfont-1.4.7-3.el7_1.i686.rpm |
CentOS | 7 | x86_64 | libxfont | < 1.4.7-3.el7_1 | libXfont-1.4.7-3.el7_1.x86_64.rpm |
CentOS | 7 | i686 | libxfont-devel | < 1.4.7-3.el7_1 | libXfont-devel-1.4.7-3.el7_1.i686.rpm |
CentOS | 7 | x86_64 | libxfont-devel | < 1.4.7-3.el7_1 | libXfont-devel-1.4.7-3.el7_1.x86_64.rpm |