Description
ELSA-2011-0309: pango security update (CRITICAL)
[1.28.1-3.el6_0.5]
- Prevent an integer overflow in hb_buffer_ensure() Related: #679693
[1.28.1-3.el6_0.4]
- Check for realloc failures in hb_buffer_ensure() (CVE-2011-0064)
Updated packages
Oracle Linux 6
Oracle Linux x86_64
pango 1.28.1-3.el6_0.5
pango-devel 1.28.1-3.el6_0.5
Oracle Linux i686
pango 1.28.1-3.el6_0.5
pango-devel 1.28.1-3.el6_0.5
Related CVEs
Related vulnerabilities
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index.