Lucene search
DebianDEBIAN:DLA-1126-1:5E693HistoryOct 07, 2017 - 9:06 a.m.
[SECURITY] [DLA 1126-1] libxfont security update
2017-10-0709:06:50
lists.debian.org
9
Package : libxfont
Version : 1:1.4.5-5+deb7u1
CVE IDs : CVE-2017-13720 CVE-2017-13722
It was discovered that there two vulnerabilities the library providing
font selection and rasterisation, libxfont:
-
CVE-2017-13720: If a pattern contained a '?' character any character
in the string is skipped even if it was a '\0'. The rest of the
matching then read invalid memory. -
CVE-2017-13722: A malformed PCF file could cause the library to make
reads from random heap memory that was behind thestringsbuffer,
leading to an application crash or a information leak.
For Debian 7 "Wheezy", this issue has been fixed in libxfont version
1:1.4.5-5+deb7u1.
We recommend that you upgrade your libxfont packages.
Regards,
,''`.
: :' : Chris Lamb
`. `'` [email protected] / chris-lamb.co.uk
`-
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 7 | armhf | libxfont-dev | < 1:1.4.5-5+deb7u1 | libxfont-dev_1:1.4.5-5+deb7u1_armhf.deb |
| Debian | 7 | armel | libxfont1 | < 1:1.4.5-5+deb7u1 | libxfont1_1:1.4.5-5+deb7u1_armel.deb |
| Debian | 7 | armel | libxfont1-dbg | < 1:1.4.5-5+deb7u1 | libxfont1-dbg_1:1.4.5-5+deb7u1_armel.deb |
| Debian | 7 | i386 | libxfont1-dbg | < 1:1.4.5-5+deb7u1 | libxfont1-dbg_1:1.4.5-5+deb7u1_i386.deb |
| Debian | 7 | i386 | libxfont1 | < 1:1.4.5-5+deb7u1 | libxfont1_1:1.4.5-5+deb7u1_i386.deb |
| Debian | 7 | i386 | libxfont1-udeb | < 1:1.4.5-5+deb7u1 | libxfont1-udeb_1:1.4.5-5+deb7u1_i386.deb |
| Debian | 7 | armhf | libxfont1-udeb | < 1:1.4.5-5+deb7u1 | libxfont1-udeb_1:1.4.5-5+deb7u1_armhf.deb |
| Debian | 7 | armel | libxfont1-udeb | < 1:1.4.5-5+deb7u1 | libxfont1-udeb_1:1.4.5-5+deb7u1_armel.deb |
| Debian | 7 | amd64 | libxfont-dev | < 1:1.4.5-5+deb7u1 | libxfont-dev_1:1.4.5-5+deb7u1_amd64.deb |
| Debian | 7 | armel | libxfont-dev | < 1:1.4.5-5+deb7u1 | libxfont-dev_1:1.4.5-5+deb7u1_armel.deb |
Related
nessus
nessus
FreeBSD : libXfont -- multiple memory leaks (3b9590a1-e358-11e7-a293-54e1ad3d6335)
2017-12-18 00:00:00
openSUSE Security Update : libXfont (openSUSE-2017-1357)
2017-12-14 00:00:00
Debian DLA-1126-1 : libxfont security update
2017-10-09 00:00:00
openvas
openvas
Fedora Update for libXfont FEDORA-2017-2783ef2c63
2017-10-27 00:00:00
Huawei EulerOS: Security Advisory for libXfont (EulerOS-SA-2019-2539)
2020-01-23 00:00:00
Mageia: Security Advisory (MGASA-2017-0373)
2022-01-28 00:00:00
debian
debian
[SECURITY] [DSA 3995-1] libxfont security update
2017-10-10 19:22:11
mageia
mageia
Updated libxfont packages fix security vulnerabilities
2017-10-18 23:19:34
osv
osv
libxfont - security update
2017-10-10 00:00:00
libxfont - security update
2017-10-07 00:00:00
CVE-2017-13722
2017-10-11 17:29:00
fedora
fedora
[SECURITY] Fedora 25 Update: libXfont-1.5.2-5.fc25
2017-10-25 21:23:21
[SECURITY] Fedora 26 Update: libXfont-1.5.2-5.fc26
2017-10-25 23:17:16
[SECURITY] Fedora 27 Update: libXfont-1.5.2-5.fc27
2017-10-17 00:19:36
gentoo
gentoo
LibXfont, LibXfont2: Multiple vulnerabilities
2017-11-11 00:00:00
ubuntu
ubuntu
libXfont vulnerabilities
2017-10-10 00:00:00
freebsd
freebsd
libXfont -- multiple memory leaks
2017-10-04 00:00:00
redhatcve
redhatcve
CVE-2017-13722
2018-01-22 22:57:12
CVE-2017-13720
2018-01-22 22:58:08
ubuntucve
ubuntucve
CVE-2017-13722
2017-10-05 00:00:00
CVE-2017-13720
2017-10-05 00:00:00
cve
cve
CVE-2017-13722
2017-10-11 17:29:00
CVE-2017-13720
2017-10-11 17:29:00
debiancve
debiancve
CVE-2017-13722
2017-10-11 17:29:00
CVE-2017-13720
2017-10-11 17:29:00
prion
prion
Information disclosure
2017-10-11 17:29:00
Buffer overflow
2017-10-11 17:29:00
veracode
veracode
Denial Of Service (DoS)
2018-12-06 01:09:32
Related for DEBIAN:DLA-1126-1:5E693