Bug 34827 - libxfont: Multiple issues (3.2)
Summary: libxfont: Multiple issues (3.2)
Status: CLOSED FIXED
Alias: None
Product: UCS
Classification: Unclassified
Component: Security updates
Version: UCS 3.2
Hardware: Other Linux
: P2 normal
Target Milestone: UCS 3.2-2-errata
Assignee: Janek Walkenhorst
QA Contact: Moritz Muehlenhoff
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-05-14 05:46 CEST by Moritz Muehlenhoff
Modified: 2014-07-11 11:23 CEST (History)
0 users

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Customer ID:
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Moritz Muehlenhoff univentionstaff 2014-05-14 05:46:14 CEST 
Integer overflow in font parsing (CVE-2014-0209)
Mising input sanitising and integer overflows in the handling of XFS replies (CVE-2014-0210, CVE-2014-0211)
Comment 1 Janek Walkenhorst univentionstaff 2014-07-10 17:40:40 CEST 
New version built.
Tests (amd64): OK
Advisory: 2014-07-10-libxfont.yaml
Comment 2 Moritz Muehlenhoff univentionstaff 2014-07-11 09:06:37 CEST 
Update ok. I've commited a small change to the YAML file.
Comment 3 Janek Walkenhorst univentionstaff 2014-07-11 11:23:50 CEST 
http://errata.univention.de/ucs/3.2/144.html