[El-errata] ELSA-2014-1870 Important: Oracle Linux 6 libXfont security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Nov 20 06:16:56 PST 2014
Oracle Linux Security Advisory ELSA-2014-1870
https://rhn.redhat.com/errata/RHSA-2014-1870.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
libXfont-1.4.5-4.el6_6.i686.rpm
libXfont-devel-1.4.5-4.el6_6.i686.rpm
x86_64:
libXfont-1.4.5-4.el6_6.i686.rpm
libXfont-1.4.5-4.el6_6.x86_64.rpm
libXfont-devel-1.4.5-4.el6_6.i686.rpm
libXfont-devel-1.4.5-4.el6_6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/libXfont-1.4.5-4.el6_6.src.rpm
Description of changes:
[1.4.5-4]
- CVE-2014-0209: integer overflow of allocations in font metadata file
parsing (bug 1163602, bug 1163601)
- CVE-2014-0210: unvalidated length fields when parsing xfs protocol
replies (bug 1163602, bug 1163601)
- CVE-2014-0211: integer overflows calculating memory needs for xfs
replies (bug 1163602, bug 1163601)
More information about the El-errata
mailing list