Описание
ELSA-2019-2571: pango security update (IMPORTANT)
[1.42.4-4]
- Fixes bidi crash
- Security fix for CVE-2019-1010238
- Resolves: #1738459
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
pango
1.42.4-4.el7_7
pango-devel
1.42.4-4.el7_7
pango-tests
1.42.4-4.el7_7
Oracle Linux x86_64
pango
1.42.4-4.el7_7
pango-devel
1.42.4-4.el7_7
pango-tests
1.42.4-4.el7_7
Связанные CVE
Связанные уязвимости
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact ...