GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sat Nov 11, 2017 4:26 pm Post subject: [ GLSA 201711-08 ] LibXfont, LibXfont2 |
|
|
Gentoo Linux Security Advisory
Title: LibXfont, LibXfont2: Multiple vulnerabilities (GLSA 201711-08)
Severity: normal
Exploitable: local
Date: 2017-11-11
Bug(s): #634044
ID: 201711-08
Synopsis
Multiple vulnerabilities have been found in LibXfont and Libxfont2,
the worst of which could allow attackers to cause a Denial of Service
condition.
Background
X.Org Xfont library
Affected Packages
Package: x11-libs/libXfont2
Vulnerable: < 2.0.2
Unaffected: >= 2.0.2
Architectures: All supported architectures
Package: x11-libs/libXfont
Vulnerable: < 1.5.3
Unaffected: >= 1.5.3
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in LibXfont and LibXfont2.
Please review the referenced CVE identifiers for details.
Impact
Local attackers could obtain sensitive information or possibly cause a
Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All LibXfont2 users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/libXfont2-2.0.2"
| All LibXfont users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.5.3"
|
References
CVE-2017-13720
CVE-2017-13722
Last edited by GLSA on Mon Jan 15, 2018 4:17 am; edited 1 time in total |
|