1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3515-1] graphite2 security update

    From Moritz Muehlenhoff@1:229/2 to All on Sun Mar 13 20:20:02 2016
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3515-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff
    March 13, 2016 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : graphite2
    CVE ID : CVE-2016-1977 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792
    CVE-2016-2793 CVE-2016-2794 CVE-2016-2795 CVE-2016-2796
    CVE-2016-2797 CVE-2016-2798 CVE-2016-2799 CVE-2016-2800
    CVE-2016-2801 CVE-2016-2802

    Multiple vulnerabilities have been found in the Graphite font rendering
    engine which might result in denial of service or the execution of
    arbitrary code if a malformed font file is processed.

    For the oldstable distribution (wheezy), these problems have been fixed
    in version 1.3.6-1~deb7u1.

    For the stable distribution (jessie), these problems have been fixed in
    version 1.3.6-1~deb8u1.

    For the testing distribution (stretch), these problems have been fixed
    in version 1.3.6-1.

    For the unstable distribution (sid), these problems have been fixed in
    version 1.3.6-1.

    We recommend that you upgrade your graphite2 packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBAgAGBQJW5btcAAoJEBDCk7bDfE424zIP/3nlauVRnpBIoAMGQug+QNOE Kj8x9DfNdB6kErPjIupdOpzZtO8rPgFEd4E8I1IZVcl5p8V3lGr3ZARAv3DnmPQV wzRewq4K55OBVAkZqleYSsVLHbHJnQNnZavPM4ae++yGz8PBslMzj1r9PUUV6Q55 eaKqoTdzlPKAM5udnUNEgBSLG10pPYnftRkcakmCOtt0ks+6KQK0MapOimIvNN73 nToaK2vyjl4q2OY3gjjo5h3JuWkKQrbtO1gsalXxyTU4M1z62psNPY9ttcONWOVn zDPEsNU6I8y3JwWQbH9qWrAZI8rqum7NRuJh7fwE+J2wth+v6i24nwQTaF/wcmEz 3s5TQBIowj8YjGNGxoscGdgXw0noGxi/n+RJbacZwA1Ff7W3CaobgIU5IhVMBwDE Cvvj3shkiST5mYcM6HYYfJ9ma0GxpWIxB9IUnsEqZ3dHVkslVP/57AOT2FoZgNTg Ci1y9Lkgi1aQZuBDvwh59wA7p0n2s+7BAXstpn016muWR51JbZnmAi02GmyWD3ah SPbFruEQyU27u/1dpSL5lulM5V/UTU0+lCY7R13yNbVPkLEswzcls7/uAagOYmWa IXzRUvhmJ+LahM4DpQUbhkpOZwogiQ57MUsH+tsaKo6vMBEqIfeAhkTzSqMKY7Xk NaQRqQaCm67J7hUbmkXn
    =F2vQ
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)