[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 3995-1] libxfont security update

On Tue, Oct 10, 2017 at 09:22:11PM +0200, Moritz Muehlenhoff wrote:
> -------------------------------------------------------------------------
> Debian Security Advisory DSA-3995-1                   security@debian.org
> https://www.debian.org/security/                       Moritz Muehlenhoff
> October 10, 2017                      https://www.debian.org/security/faq
> -------------------------------------------------------------------------
> 
> Package        : libxfont
> CVE ID         : CVE-2017-13720 CVE-2017-13722
> 
> Two vulnerabilities were found in libXfont, the X11 font rasterisation
> library, which could result in denial of service or memory disclosure.
> 
> For the oldstable distribution (jessie), these problems have been fixed
> in version 1:1.5.1-1+deb8u1.
> 
> For the stable distribution (stretch), these problems have been fixed in
> version 1:2.0.1-3+deb9u1.
> 
> We recommend that you upgrade your libxfont packages.
>...

src:libxfont1 in stretch also requires the fixes.

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed
Reply to: