New Search

ELSA-2014-1870 -- libXfont security update (important)

oval:org.mitre.oval:def:28393

[1.4.5-4] - CVE-2014-0209: integer overflow of allocations in font metadata file parsing (bug 1163602 bug 1163601) - CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies (bug 1163602 bug 1163601) - CVE-2014-0211: integer overflows calculating memory needs for xfs replies (bug 1163602 bug 1163601)

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 6
  • Oracle Linux 7
Class:
patch
Reference(s):
  • ELSA-2014-1870
  • CVE-2014-0209
  • CVE-2014-0210
  • CVE-2014-0211
Product(s):
  • libXfont