Описание
Recommended update for xorg-x11-libs
This update for xorg-x11-libs fixes the following issues:
- The original fix for CVE-2015-1804 prevented DWIDTH to be negative. However, the spec states that 'DWIDTH [...] is a vector indicating the position of the next glyph's origin relative to the origin of this glyph'. Consequently, negative DWIDTH values should be allowed. (bsc#958383)
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
xorg-x11-libs-7.4-8.26.46.1
xorg-x11-libs-32bit-7.4-8.26.46.1
SUSE Linux Enterprise Desktop 11 SP4
xorg-x11-libs-7.4-8.26.46.1
xorg-x11-libs-32bit-7.4-8.26.46.1
SUSE Linux Enterprise Server 11 SP3
xorg-x11-libs-7.4-8.26.46.1
xorg-x11-libs-32bit-7.4-8.26.46.1
xorg-x11-libs-x86-7.4-8.26.46.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
xorg-x11-libs-7.4-8.26.46.1
xorg-x11-libs-32bit-7.4-8.26.46.1
xorg-x11-libs-x86-7.4-8.26.46.1
SUSE Linux Enterprise Server 11 SP4
xorg-x11-libs-7.4-8.26.46.1
xorg-x11-libs-32bit-7.4-8.26.46.1
xorg-x11-libs-x86-7.4-8.26.46.1
SUSE Linux Enterprise Server for SAP Applications 11 SP3
xorg-x11-libs-7.4-8.26.46.1
xorg-x11-libs-32bit-7.4-8.26.46.1
xorg-x11-libs-x86-7.4-8.26.46.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
xorg-x11-libs-7.4-8.26.46.1
xorg-x11-libs-32bit-7.4-8.26.46.1
xorg-x11-libs-x86-7.4-8.26.46.1
SUSE Linux Enterprise Software Development Kit 11 SP3
xorg-x11-devel-7.4-8.26.46.1
xorg-x11-devel-32bit-7.4-8.26.46.1
SUSE Linux Enterprise Software Development Kit 11 SP4
xorg-x11-devel-7.4-8.26.46.1
xorg-x11-devel-32bit-7.4-8.26.46.1
Ссылки
- Link for SUSE-RU-2015:2393-1
- E-Mail link for SUSE-RU-2015:2393-1
- SUSE Security Ratings
- SUSE Bug 958383
- SUSE CVE CVE-2015-1804 page
Описание
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file.
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-libs-32bit-7.4-8.26.46.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-libs-7.4-8.26.46.1
SUSE Linux Enterprise Desktop 11 SP4:xorg-x11-libs-32bit-7.4-8.26.46.1
SUSE Linux Enterprise Desktop 11 SP4:xorg-x11-libs-7.4-8.26.46.1
Ссылки
- CVE-2015-1804
- SUSE Bug 921978