New Search

ELSA-2014-1893 -- libXfont security update (important)

oval:org.mitre.oval:def:28414

[1.2.2-1.0.6] - CVE-2014-0209: integer overflow of allocations in font metadata file parsing (bug 1163602 bug 1163601) - CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies (bug 1163602 bug 1163601) - CVE-2014-0211: integer overflows calculating memory needs for xfs replies (bug 1163602 bug 1163601)

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 5
Class:
patch
Reference(s):
  • ELSA-2014-1893
  • CVE-2014-0209
  • CVE-2014-0210
  • CVE-2014-0211
Product(s):
  • libXfont