[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 3995-1] libxfont security update

On Tue, Oct 10, 2017 at 09:22:11PM +0200, Moritz Muehlenhoff wrote:
> -------------------------------------------------------------------------
> Debian Security Advisory DSA-3995-1                   security@debian.org
> https://www.debian.org/security/                       Moritz Muehlenhoff
> October 10, 2017                      https://www.debian.org/security/faq
> -------------------------------------------------------------------------
> Package        : libxfont
> CVE ID         : CVE-2017-13720 CVE-2017-13722
> Two vulnerabilities were found in libXfont, the X11 font rasterisation
> library, which could result in denial of service or memory disclosure.
> For the oldstable distribution (jessie), these problems have been fixed
> in version 1:1.5.1-1+deb8u1.
> For the stable distribution (stretch), these problems have been fixed in
> version 1:2.0.1-3+deb9u1.
> We recommend that you upgrade your libxfont packages.

src:libxfont1 in stretch also requires the fixes.



       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

Reply to: