pango-1.14.9-8.AXS3.3
エラータID: AXSA:2011-317:02
リリース日:
2011/10/13 Thursday - 12:32
題名:
pango-1.14.9-8.AXS3.3
影響のあるチャネル:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
以下項目について対処しました。<br />
<br />
[Security Fix]<br />
- 現時点では CVE-2011-3193 の情報が公開されておりません。<br />
CVEの情報が公開され次第情報をアップデートいたします。<br />
<br />
一部CVEの翻訳文はJVNからの引用になります。<br />
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2011-3193
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
追加情報:
N/A
ダウンロード:
Asianux Server 3 for x86
- pango-1.14.9-8.AXS3.3.i386.rpm
MD5: f73e7b76618be49e90990f83b041c04d
SHA-256: badb6c90c43b37894a5a5e18ff7d0f0b1959efd8a35c0f14b1ca7de7aeb9e9d3
Size: 335.22 kB - pango-devel-1.14.9-8.AXS3.3.i386.rpm
MD5: 33295ffd1d3d4b89f678b2312d2310cc
SHA-256: 747f586a0d51121046fac6692c5e0e6c4b832ed150a969db58d2f739eeb331a0
Size: 277.50 kB
Asianux Server 3 for x86_64
- pango-1.14.9-8.AXS3.3.x86_64.rpm
MD5: e3faab31f84472afda35a1c5bdb9ece7
SHA-256: ca4345c7f65bc209489b9e8edd1ec64caedbfd3da59ae9d852eb2abf1f1c05e9
Size: 339.29 kB - pango-devel-1.14.9-8.AXS3.3.x86_64.rpm
MD5: b5aaba8a7d17410555bb9e5e37ea4643
SHA-256: ed3cf750435dcc68103261fc2ffacafc81df5d3de36e508f1f94a28f5d818c4a
Size: 278.12 kB