Lucene search

K

Gentoo FoundationGLSA-201507-21

HistoryJul 22, 2015 - 12:00 a.m.

libXfont: Multiple vulnerabilities

2015-07-2200:00:00

Gentoo Foundation

security.gentoo.org

16

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.015 Low

EPSS

Percentile

86.8%

Background

libXfont is an X11 font rasterisation library.

Description

Multiple vulnerabilities have been discovered in libXfont. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could possibly execute arbitrary code or cause a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All libXfont 1.4.x users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose "&gt;=x11-libs/libXfont-1.4.9"

All libXfont 1.5.x users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose "&gt;=x11-libs/libXfont-1.5.1"

OSVersionArchitecturePackageVersionFilename
Gentooanyallx11-libs/libxfont< 1.5.1UNKNOWN

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.015 Low

EPSS

Percentile

86.8%

Related for GLSA-201507-21

nessus18 redhat1 openvas18 suse3 f52 amazon1 kaspersky2 fedora2 centos1 veracode3 freebsd1 archlinux1 ibm3 securityvulns3 debian2 ubuntu1 oraclelinux1 mageia1 debiancve3 cve3 ubuntucve3 prion3 oracle1