On 23 July 2014 09:04, <jackie.hu...@windriver.com> wrote:
> 0001-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch
> CVE-2014-0209:
> Multiple integer overflows in the (1) FontFileAddEntry and
> (2) lexAlias functions in X.Org libXfont before 1.4.8 and
> 1.4.9x before 1.4.99.901 might allow local users to gain
> privileges by adding a directory with a large fonts.dir or
> fonts.alias file to the font path, which triggers a heap-based
> buffer overflow, related to metadata.
>
> CVE-2014-0210:
> Multiple buffer overflows in X.Org libXfont before 1.4.8 and
> 1.4.9x before 1.4.99.901 allow remote font servers to execute
> arbitrary code via a crafted xfs protocol reply to the
> (1) _fs_recv_conn_setup, (2) fs_read_open_font,
> (3) fs_read_query_info, (4) fs_read_extent_info,
> (5) fs_read_glyphs, (6) fs_read_list, or
> (7) fs_read_list_info function.
>
> CVE-2014-0211:
> Multiple integer overflows in the (1) fs_get_reply,
> (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions
> in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901
> allow remote font servers to execute arbitrary code via
> a crafted xfs reply, which triggers a buffer overflow.
I sent an upgrade to 1.5.0 yesterday, which has all of these integrated.

Ross

--
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
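The CVE-2014-0209 patch title quoted above, "integer overflow of realloc size", names a bug class rather than a single line of code: a growing table computes its byte size as count * sizeof(entry) in 32-bit arithmetic, the product wraps, realloc() hands back a block far smaller than the table needs, and later entry writes overrun the heap. The block below is an added illustration of that pattern and of the check that closes it; it is not libXfont's code, not the patch under discussion, and the Entry/EntryTable types and function names are assumptions. The same arithmetic check applies to the reply-length products described under CVE-2014-0211.

```c
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative, not libXfont's own code: a font-directory entry table that
 * doubles as entries are added, the growth pattern the CVE-2014-0209 title
 * ("integer overflow of realloc size in FontFileAddEntry") refers to.
 * Entry, EntryTable and the function names are assumptions for this demo. */
typedef struct {
    char name[32];          /* fixed width so sizeof(Entry) is 32 bytes */
} Entry;

typedef struct {
    Entry *entries;
    unsigned int used;      /* entries in use */
    unsigned int alloc;     /* capacity in entries */
} EntryTable;

/* Vulnerable pattern: the byte count is formed in 32-bit unsigned
 * arithmetic and wraps, so realloc() would receive a far smaller size
 * than the table needs.  0x08000000 * 32 == 2^32 wraps to 0. */
unsigned int wrapped_realloc_size(unsigned int count)
{
    return count * (unsigned int)sizeof(Entry);
}

/* Hardened form: reject any count whose product cannot be represented
 * in the size type before multiplying.  Returns 1 on success, 0 if the
 * product would wrap. */
int checked_realloc_size(unsigned int count, unsigned int *out)
{
    if (count > UINT_MAX / sizeof(Entry))
        return 0;
    *out = count * (unsigned int)sizeof(Entry);
    return 1;
}

/* Make room for one more entry.  Returns 0 on overflow or OOM; on 0 the
 * table is left untouched, so no later write can run off a short block. */
static int table_reserve(EntryTable *t)
{
    unsigned int new_alloc, bytes;
    Entry *p;

    if (t->used < t->alloc)
        return 1;
    if (t->alloc > UINT_MAX / 2)        /* doubling the count would wrap */
        return 0;
    new_alloc = t->alloc ? t->alloc * 2 : 16;
    if (!checked_realloc_size(new_alloc, &bytes))
        return 0;                       /* count * sizeof would wrap */
    p = realloc(t->entries, bytes);
    if (!p)
        return 0;
    t->entries = p;
    t->alloc = new_alloc;
    return 1;
}

int table_add_entry(EntryTable *t, const char *name)
{
    Entry *e;

    if (!table_reserve(t))
        return 0;
    e = &t->entries[t->used];
    strncpy(e->name, name, sizeof e->name - 1);
    e->name[sizeof e->name - 1] = '\0';
    t->used++;
    return 1;
}

void table_free(EntryTable *t)
{
    free(t->entries);
    t->entries = NULL;
    t->used = t->alloc = 0;
}

/* Add n constructed entries to a fresh table and return the resulting
 * capacity (0 if any add was refused). */
unsigned int table_fill_count(unsigned int n)
{
    EntryTable t = { NULL, 0, 0 };
    unsigned int i, alloc;

    for (i = 0; i < n; i++) {
        if (!table_add_entry(&t, "font.pcf")) {   /* constructed name */
            table_free(&t);
            return 0;
        }
    }
    alloc = t.alloc;
    table_free(&t);
    return alloc;
}

int main(void)
{
    unsigned int sz;
    /* Constructed near-limit table: 2^26 entries in use, doubling wanted. */
    EntryTable big = { NULL, 0x04000000u, 0x04000000u };

    printf("wrapped size for 0x08000000 entries: %u\n",
           wrapped_realloc_size(0x08000000u));
    printf("checked size accepted: %d\n", checked_realloc_size(0x08000000u, &sz));
    printf("capacity after 40 adds: %u\n", table_fill_count(40));
    printf("add to near-limit table accepted: %d\n", table_add_entry(&big, "x"));
    return 0;
}
```

The important property is in table_reserve(): when the product would wrap, the function fails before calling realloc(), so the table keeps its old capacity and the caller sees an error instead of a short heap block that the next strncpy() silently overruns.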