Описание
ELSA-2011-0180: pango security update (MODERATE)
[1.28.1-3.el6_0.3]
- Fix a division by zero found in testing
[1.28.1-3.el6_0.2]
- Use -fno-strict-aliasing for C++, too
- Escape macros in %changelog
[1.28.1-3.el6_0.1]
- Prevent heap corruption with malformed fonts. (CVE-2011-0020)
- Resolves: #671529
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
pango
1.14.9-8.0.1.el5_6.2
pango-devel
1.14.9-8.0.1.el5_6.2
Oracle Linux x86_64
pango
1.14.9-8.0.1.el5_6.2
pango-devel
1.14.9-8.0.1.el5_6.2
Oracle Linux i386
pango
1.14.9-8.0.1.el5_6.2
pango-devel
1.14.9-8.0.1.el5_6.2
Oracle Linux 6
Oracle Linux x86_64
pango
1.28.1-3.el6_0.3
pango-devel
1.28.1-3.el6_0.3
Oracle Linux i686
pango
1.28.1-3.el6_0.3
pango-devel
1.28.1-3.el6_0.3
Связанные CVE
Связанные уязвимости
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph func ...
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.