All errata/c10f2/ALT-PU-2026-10613-2
ALT-PU-2026-10613-2

Package update libXfont2 in branch c10f2

Version2.0.4-alt2
Published2026-07-09
Max severityHIGH
Severity:

Closed issues (3)

CVE-2026-56001
HIGH8.5

A heap buffer overflow in BitmapScaleBitmaps in libXfont2 before 2.0.8 due to an overflowing 32bit size could be used by attackers able to access the X Server to execute code within the X server cont

Published: 2026-07-08Modified: 2026-07-09
CVSS 3.xHIGH 8.5
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2026-56003
HIGH8.5

A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties() before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server.

Published: 2026-07-08Modified: 2026-07-09
CVSS 3.xHIGH 8.5
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H