140 matches found
fontconfig security and bug fix update
2.10.95-10 - Fix a regression in the previous change. 1355930 2.10.95-9 - CVE-2016-5384: Validate offsets in cache files properly. 1355930 2.10.95-8 - Update 45-latin.conf to add some hints to fall back for Windows fonts 1073460...
RHEL 7 : fontconfig (RHSA-2016:2601)
An update for fontconfig is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
RedHat Update for fontconfig RHSA-2016:2601-02
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: fontconfig security and bug fix update
An update for fontconfig is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
fontconfig: Possible double free due to insufficiently validated cache files
It was found that cache files were insufficiently validated in fontconfig. A local attacker could create a specially crafted cache file to trigger arbitrary free calls, which in turn could lead to arbitrary code execution...
openSUSE Security Update : fontconfig (openSUSE-2016-1070)
This update for fontconfig fixes the following issues : - security update : - CVE-2016-5384: Possible double free due to insufficiently validated cache files bsc992534 This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
SUSE SLES11 Security Update : fontconfig (SUSE-SU-2016:2186-1)
This update for fontconfig fixes the following issues : - security update : - CVE-2016-5384: Possible double free due to insufficiently validated cache files bsc992534 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenabl...
SUSE SLED12 / SLES12 Security Update : fontconfig (SUSE-SU-2016:2190-1)
This update for fontconfig fixes the following issues : - security update : - CVE-2016-5384: Possible double free due to insufficiently validated cache files bsc992534 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenabl...
Updated fontconfig packages fix security vulnerability
Tobias Stoeckmann discovered that cache files are insufficiently validated in fontconfig, a generic font configuration library. An attacker can trigger arbitrary free calls, which in turn allows double free attacks and therefore arbitrary code execution. In combination with setuid binaries using...
SUSE-SU-2016:2190-1 Security update for fontconfig
This update for fontconfig fixes the following issues: - security update: CVE-2016-5384: Possible double free due to insufficiently validated cache files bsc992534...
SUSE-SU-2016:2186-1 Security update for fontconfig
This update for fontconfig fixes the following issues: - security update: CVE-2016-5384: Possible double free due to insufficiently validated cache files bsc992534...
USN-3063-1 Fontconfig vulnerability | Cloud Foundry
USN-3063-1 Fontconfig vulnerability Medium Vendor Canonical Ubuntu, fontconfig Versions Affected Canonical Ubuntu 14.04 LTS Description Tobias Stoeckmann discovered that Fontconfig incorrectly handled cache files. A local attacker could possibly use this issue with a specially crafted cache file ...
FreeBSD : fontconfig -- insufficiently cache file validation (44989c29-67d1-11e6-8b1d-c86000169601)
Debian security team reports : Tobias Stoeckmann discovered that cache files are insufficiently validated in fontconfig, a generic font configuration library. An attacker can trigger arbitrary free calls, which in turn allows double free attacks and therefore arbitrary code execution. In...
[SECURITY] Fedora 23 Update: fontconfig-2.11.94-5.fc23
Fontconfig is designed to locate fonts within the system and select them according to requirements specified by applications...
Fedora Update for fontconfig FEDORA-2016-6802f2e52a
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 23 : fontconfig (2016-6802f2e52a)
Security fix for CVE-2016-5384 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Ubuntu 14.04 LTS / 16.04 LTS : Fontconfig vulnerability (USN-3063-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3063-1 advisory. Tobias Stoeckmann discovered that Fontconfig incorrectly handled cache files. A local attacker could possibly use this issue with a specially crafted...
Ubuntu: Security Advisory (USN-3063-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3063-1: Fontconfig vulnerability
Tobias Stoeckmann discovered that Fontconfig incorrectly handled cache files. A local attacker could possibly use this issue with a specially crafted cache file to elevate privileges...
USN-3063-1 fontconfig vulnerability
Tobias Stoeckmann discovered that Fontconfig incorrectly handled cache files. A local attacker could possibly use this issue with a specially crafted cache file to elevate privileges...