Описание
ELSA-2019-2582: pango security update (IMPORTANT)
[1.42.4-5]
- Fixes crash in pango_fc_font_key_get_variations when key is null
[1.42.4-4]
- Fixes bidi crash
- Security fix for CVE-2019-1010238
- Resolves: #1738461
[1.42.4-3]
- rebuild
[1.42.4-2]
- rebuild
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
pango
1.42.4-5.el8_0
pango-devel
1.42.4-5.el8_0
Oracle Linux x86_64
pango
1.42.4-5.el8_0
pango-devel
1.42.4-5.el8_0
Связанные CVE
Связанные уязвимости
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact ...