Описание
ELSA-2016-2601: fontconfig security and bug fix update (MODERATE)
[2.10.95-10]
- Fix a regression in the previous change. (#1355930)
[2.10.95-9]
- CVE-2016-5384: Validate offsets in cache files properly. (#1355930)
[2.10.95-8]
- Update 45-latin.conf to add some hints to fall back for Windows fonts (#1073460)
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
fontconfig
2.10.95-10.el7
fontconfig-devel
2.10.95-10.el7
fontconfig-devel-doc
2.10.95-10.el7
Oracle Linux x86_64
fontconfig
2.10.95-10.el7
fontconfig-devel
2.10.95-10.el7
fontconfig-devel-doc
2.10.95-10.el7
Связанные CVE
Связанные уязвимости
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
fontconfig before 2.12.1 does not validate offsets, which allows local ...
