pango-1.14.9-8.AXS3.3
エラータID: AXSA:2011-317:02
Release date:
Thursday, October 13, 2011 - 12:32
Subject:
pango-1.14.9-8.AXS3.3
Affected Channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
Pango is a system for layout and rendering of internationalized text.
Security issues fixed with this release:
CVE-2011-3193
No information available at the time of writing, please refer to the CVE links below
Solution:
Update packages.
CVEs:
CVE-2011-3193
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
Additional Info:
N/A
Download:
Asianux Server 3 for x86
- pango-1.14.9-8.AXS3.3.i386.rpm
MD5: f73e7b76618be49e90990f83b041c04d
SHA-256: badb6c90c43b37894a5a5e18ff7d0f0b1959efd8a35c0f14b1ca7de7aeb9e9d3
Size: 335.22 kB - pango-devel-1.14.9-8.AXS3.3.i386.rpm
MD5: 33295ffd1d3d4b89f678b2312d2310cc
SHA-256: 747f586a0d51121046fac6692c5e0e6c4b832ed150a969db58d2f739eeb331a0
Size: 277.50 kB
Asianux Server 3 for x86_64
- pango-1.14.9-8.AXS3.3.x86_64.rpm
MD5: e3faab31f84472afda35a1c5bdb9ece7
SHA-256: ca4345c7f65bc209489b9e8edd1ec64caedbfd3da59ae9d852eb2abf1f1c05e9
Size: 339.29 kB - pango-devel-1.14.9-8.AXS3.3.x86_64.rpm
MD5: b5aaba8a7d17410555bb9e5e37ea4643
SHA-256: ed3cf750435dcc68103261fc2ffacafc81df5d3de36e508f1f94a28f5d818c4a
Size: 278.12 kB
日本語