pango-1.14.9-5AXS3

エラータID: AXSA:2009-50:01

Release date:

Thursday, May 21, 2009 - 10:02

Subject:

pango-1.14.9-5AXS3

Affected Channels:

Asianux Server 3 for x86

Asianux Server 3 for x86_64

Severity:

High

Description:

Pango is a system for layout and rendering of internationalized text.
Fixed bugs:
CVE-2009-1194
Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox.

Solution:

Update packages.

CVEs:

CVE-2009-1194
Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox.

Additional Info:

N/A

Download:

SRPMS

pango-1.14.9-5AXS3.src.rpm
MD5: 24adb66e537490d6b82f06fe643606b1
SHA-256: b7f726b83fd8102954c1e5f24b8873fdeddead86a92fa1b3974ed2e602cf28a6
Size: 1.17 MB

Asianux Server 3 for x86

pango-1.14.9-5AXS3.i386.rpm
MD5: 2163abcc05b15cf3475b53ca07ce7727
SHA-256: 4bb6ead3c55f8a2adca21c5b1660642854d3f051eb1272cb97698aa0a1d1ffe2
Size: 332.77 kB
pango-devel-1.14.9-5AXS3.i386.rpm
MD5: 20a319d8dc9a4c1adf916a31d32c2e16
SHA-256: 89a191b156f1bf0614e689cb4c657caa7cbf1e431e4b471db91e46ac28c54614
Size: 282.94 kB

Asianux Server 3 for x86_64

pango-1.14.9-5AXS3.x86_64.rpm
MD5: af4ed1eb0828e455084c040e53914b84
SHA-256: f6ce14731b32bad565e790785f409522efb4bdc6d1bfe8bf4eecabef86a750d5
Size: 335.60 kB
pango-devel-1.14.9-5AXS3.x86_64.rpm
MD5: 49d1410539d3c484d46a40afa930fce4
SHA-256: c5fa110acadf7d286568012a9e8e71acde58f0243a862b07f3a85b72cdc8196b
Size: 283.65 kB

日本語

Main menu

You are here

pango-1.14.9-5AXS3