27 matches found
SUSE: Security Advisory (SUSE-SU-2018:0246-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0334-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : libXfont (EulerOS-SA-2020-1241)
According to the versions of the libXfont package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open but not read files on the system as...
Huawei EulerOS: Security Advisory for libXfont (EulerOS-SA-2019-2539)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libXfont (EulerOS-SA-2019-2357)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : libXfont (EulerOS-SA-2019-2625)
According to the versions of the libXfont package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open but not read files on the system as root, triggering tape rewind...
EulerOS 2.0 SP5 : libXfont (EulerOS-SA-2019-2539)
According to the versions of the libXfont package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection c...
Debian: Security Advisory (DLA-1126-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : libXfont (openSUSE-2018-124)
This update for libXfont fixes several issues. These security issues were fixed : - CVE-2017-13720: Improper check for end of string in PatterMatch caused invalid reads bsc1054285 - CVE-2017-13722: Malformed PCF file could have caused DoS or leak information bsc1049692 - Prevent the X server from...
SUSE SLED12 / SLES12 Security Update : libXfont (SUSE-SU-2018:0334-1)
This update for libXfont fixes several issues. These security issues were fixed : - CVE-2017-13720: Improper check for end of string in PatterMatch caused invalid reads bsc1054285 - CVE-2017-13722: Malformed PCF file could have caused DoS or leak information bsc1049692 - Prevent the X server from...
SUSE-SU-2018:0334-1 Security update for libXfont
This update for libXfont fixes several issues. These security issues were fixed: - CVE-2017-13720: Improper check for end of string in PatterMatch caused invalid reads bsc1054285 - CVE-2017-13722: Malformed PCF file could have caused DoS or leak information bsc1049692 - Prevent the X server from...
SUSE SLES11 Security Update : xorg-x11-libs (SUSE-SU-2018:0246-1)
This update for xorg-x11-libs fixes several issues. These security issues were fixed : - CVE-2017-16612: Heap overflows due to an integer overflow while parsing images and a signedness issue while parsing comments bsc1065386. - CVE-2017-13720: Improper check for end of string in PatterMatch cause...
Fedora 27 : libXfont (2017-f3e5d31524)
Security fix for CVE-2017-13720 and CVE-2017-13722 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
openSUSE Security Update : libXfont (openSUSE-2017-1357)
This update for libXfont fixes several issues. These security issues were fixed : - CVE-2017-13720: Improper check for end of string in PatterMatch caused invalid reads bsc1054285 - CVE-2017-13722: Malformed PCF file could have caused DoS or leak information bsc1049692 - Prevent the X server from...
Fedora Update for libXfont FEDORA-2017-2783ef2c63
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : libXfont (2017-2783ef2c63)
Security fix for CVE-2017-13720 and CVE-2017-13722 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 25 : libXfont (2017-b7c4334524)
Security fix for CVE-2017-13720 and CVE-2017-13722 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
MGASA-2017-0373 Updated libxfont packages fix security vulnerabilities
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash denial of service. This occurs because '\0'...
Updated libxfont packages fix security vulnerabilities
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash denial of service. This occurs because '\0'...
CVE-2017-13722
CVE-2017-13722 affects libXfont (and libXfont2) prior to versions 2.0.2 and 1.5.3 respectively. The issue arises in the PCF font handling: in bitmap/pcfread.c within pcfGetProperties a missing boundary check on PCF files allows a local, authenticated attacker to induce a buffer over-read, leading...