pango-1.28.1-3.AXS4.3
エラータID: AXSA:2011-36:01
リリース日:
2011/02/15 Tuesday - 12:24
題名:
pango-1.28.1-3.AXS4.3
影響のあるチャネル:
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity:
High
Description:
Pango is a system for layout and rendering of internationalized text.
Security issues fixed with this release:
CVE-2011-0020
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
解決策:
Update packages.
CVE:
CVE-2011-0020
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
追加情報:
N/A
ダウンロード:
SRPMS
- pango-1.28.1-3.AXS4.3.src.rpm
MD5: ee2e2dc0550cf49117e222cbcd2f46f3
SHA-256: 997f8b59aa2587ab1c22c8d51be4d78971d6fe843f27ef6b64962aade54b6b65
Size: 1.37 MB