Advisories ยป MGASA-2017-0217

Updated graphite2 packages fix security vulnerabilities

Publication date: 25 Jul 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-5436 , CVE-2017-7771 , CVE-2017-7772 , CVE-2017-7773 , CVE-2017-7774 , CVE-2017-7775 , CVE-2017-7776 , CVE-2017-7777 , CVE-2017-7778

Description

An out-of-bounds write triggered with a maliciously crafted Graphite
font could lead to a crash or potentially code execution
(CVE-2017-5436).

Multiple vulnerabilities have been found in the Graphite font rendering
engine which might result in denial of service or the execution of
arbitrary code if a malformed font file is processed (CVE-2017-7771,
CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775,
CVE-2017-7776, CVE-2017-7777, CVE-2017-7778).
                

References

SRPMS

5/core