Nom du paquet
libxfont
Date
2014-01-21
Advisory ID
MDVSA-2014:013
Affected versions
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problem description

A vulnerability has been discovered and corrected in libxfont:

Stack-based buffer overflow in the bdfReadCharacters function in
bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote
attackers to cause a denial of service (crash) or possibly execute
arbitrary code via a long string in a character name in a BDF font file
(CVE-2013-6462).

The updated packages have been patched to correct this issue.

Updated packages

MES5 i586

 21ddd5d021a3721894d8e91769e665e1  mes5/i586/libxfont1-1.3.3-1.2mdvmes5.2.i586.rpm
 7279ba4ef6c459df5526e8fd47f8b546  mes5/i586/libxfont1-devel-1.3.3-1.2mdvmes5.2.i586.rpm
 e57c2ac9880cacb6a8c5555de20242a8  mes5/i586/libxfont1-static-devel-1.3.3-1.2mdvmes5.2.i586.rpm 
 5c5414a45107d891f13b3694b853bb24  mes5/SRPMS/libxfont-1.3.3-1.2mdvmes5.2.src.rpm

MBS1 x86_64

 8987c8fe13c56daf372157d7af320fa6  mbs1/x86_64/lib64xfont1-1.4.5-2.1.mbs1.x86_64.rpm
 5e0a2e81d72fdc0acb4d9cd6ebc102c2  mbs1/x86_64/lib64xfont1-devel-1.4.5-2.1.mbs1.x86_64.rpm
 aeae88972fbbc4f41cd1540c05506661  mbs1/x86_64/lib64xfont1-static-devel-1.4.5-2.1.mbs1.x86_64.rpm 
 f3e0098239e7e631e0419d302598dacd  mbs1/SRPMS/libxfont-1.4.5-2.1.mbs1.src.rpm

MES5 x86_64

 7bcfca76e624e2fa6856425fe341759b  mes5/x86_64/lib64xfont1-1.3.3-1.2mdvmes5.2.x86_64.rpm
 9da93243f5c64b958a49716d014598f6  mes5/x86_64/lib64xfont1-devel-1.3.3-1.2mdvmes5.2.x86_64.rpm
 9246fa2da72cfdc0632b71d133dedb12  mes5/x86_64/lib64xfont1-static-devel-1.3.3-1.2mdvmes5.2.x86_64.rpm 
 5c5414a45107d891f13b3694b853bb24  mes5/SRPMS/libxfont-1.3.3-1.2mdvmes5.2.src.rpm

References