CVS commit: pkgsrc/emulators/suse131_x11

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/emulators/suse131_x11
From: "OBATA Akio" <obache%netbsd.org@localhost>
Date: Fri, 23 May 2014 13:18:56 +0000

Module Name:    pkgsrc
Committed By:   obache
Date:           Fri May 23 13:18:56 UTC 2014

Modified Files:
        pkgsrc/emulators/suse131_x11: Makefile distinfo

Log Message:
Apply openSUSE Security Update: openSUSE-SU-2014:0711-1
libXfont: Fixed multiple vulnerabilities

   An update that fixes three vulnerabilities is now available.

Description:

   libxfont was updated to fix multiple vulnerabilities:
   - Integer overflow of allocations in font metadata file parsing
     (CVE-2014-0209).
   - Unvalidated length fields when parsing xfs protocol replies
     (CVE-2014-0210).
   - Integer overflows calculating memory needs for xfs replies
     (CVE-2014-0211).

   These vulnerabilities could be used by a local, authenticated user to
   raise privileges
   or by a remote attacker with control of the font server to execute code
    with the privileges of the X server.


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 pkgsrc/emulators/suse131_x11/Makefile \
    pkgsrc/emulators/suse131_x11/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/geography/gdal-lib
Next by Date: CVS commit: pkgsrc/emulators/suse131_x11
Previous by Thread: CVS commit: pkgsrc/geography/gdal-lib
Next by Thread: CVS commit: pkgsrc/emulators/suse131_x11
Indexes:

Home | Main Index | Thread Index | Old Index