Branch p8 update bulletin.

Package libXfont updated to version 1.5.3-alt0.M80P.1 for branch p8 in task 191289.

Published: 2017-10-11
Modified: 2024-11-21

CVE-2017-13720

In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\0' characters are incorrectly skipped in situations involving ? characters.

Severity: HIGH (7.1) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

References:

Published: 2017-10-11
Modified: 2024-11-21

CVE-2017-13722

In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.

Severity: HIGH (7.1) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

References:

Package libXres updated to version 1.2.0-alt0.M80P.1 for branch p8 in task 191294.

Published: 2013-06-15

BDU:2015-03134

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06306

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06354

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06355

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06356

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06357

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06358

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06359

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06360

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06361

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06362

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06363

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06364

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06365

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06366

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06367

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06375

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06376

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06377

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06378

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06379

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06380

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06392

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06393

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06394

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06395

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06396

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06397

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06398

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06399

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06400

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06401

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06402

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06403

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06404

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06405

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06406

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06407

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06408

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06409

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06410

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06411

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06412

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06575

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06576

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06577

Severity: MEDIUM (6.8)

References:

Published: 2014-10-14

BDU:2015-06607

Severity: MEDIUM (6.8)

References:

Published: 2014-05-15

BDU:2015-09727

Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: MEDIUM (6.8)

References:

CVE-2013-1056
CVE-2013-1940
CVE-2013-1981
CVE-2013-1982
CVE-2013-1983
CVE-2013-1984
CVE-2013-1985
CVE-2013-1986
CVE-2013-1987
CVE-2013-1988
CVE-2013-1989
CVE-2013-1990
CVE-2013-1991
CVE-2013-1992
CVE-2013-1993
CVE-2013-1994
CVE-2013-1995
CVE-2013-1996
CVE-2013-1997
CVE-2013-1998
CVE-2013-1999
CVE-2013-2000
CVE-2013-2001
CVE-2013-2002
CVE-2013-2003
CVE-2013-2004
CVE-2013-2005
CVE-2013-2062
CVE-2013-2063
CVE-2013-2064
CVE-2013-2066
CVE-2013-4396
GLSA-201405-07

Published: 2013-06-15
Modified: 2024-11-21

CVE-2013-1988

Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions.

Severity: MEDIUM (6.8)

References:

Package libXfont2 updated to version 2.0.2-alt0.M80P.1 for branch p8 in task 191299.

Published: 2017-10-11
Modified: 2024-11-21

CVE-2017-13720

Severity: HIGH (7.1) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

References:

Published: 2017-10-11
Modified: 2024-11-21

CVE-2017-13722

Severity: HIGH (7.1) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

References:

Package lcdtest updated to version 1.18-alt1.M80P.2 for branch p8 in task 191316.

lcdtest: fatal error: can't open font

Version: 2.1.0

ALT-BU-2017-3447-1

Closed vulnerabilities

Closed vulnerabilities

Closed vulnerabilities

Closed bugs