ELSA-2016-0594

Опубликовано: 05 апр. 2016

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2016-0594: graphite2 security, bug fix, and enhancement update (IMPORTANT)

[1.3.6-1]

Related: rhbz#1309052 CVE-2016-1521 CVE-2016-1522 CVE-2016-1523 CVE-2016-1526

[1.3.5-1]

Resolves: rhbz#1309052 CVE-2016-1521 CVE-2016-1522 CVE-2016-1523 CVE-2016-1526

[1.2.4-6]

Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

[1.2.4-5]

Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

[1.2.4-4]

Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code

[1.2.4-3]

Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

[1.2.4-2]

Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

[1.2.4-1]

New upstream release

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

graphite2

1.3.6-1.el7_2

graphite2-devel

1.3.6-1.el7_2

Oracle Linux x86_64

graphite2

1.3.6-1.el7_2

graphite2-devel

1.3.6-1.el7_2

Связанные CVE

Ссылки на источники

Связанные уязвимости

ELSA-2016-0197

oracle-oval

больше 9 лет назад

ELSA-2016-0197: firefox security update (CRITICAL)

openSUSE-SU-2016:0875-1

suse-cvrf

больше 9 лет назад

Security update for graphite2

SUSE-SU-2016:0779-1

suse-cvrf

больше 9 лет назад

Security update for graphite2

CVE-2016-1523

CVSS3: 6.5

ubuntu

больше 9 лет назад

The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font.

CVE-2016-1523

redhat

больше 9 лет назад