[ubuntu/bionic-proposed] libxfont 1:2.0.1-4ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Wed Nov 29 20:22:12 UTC 2017
libxfont (1:2.0.1-4ubuntu1) bionic; urgency=medium
* SECURITY UPDATE: non-privileged arbitrary file access
- src/fontfile/dirfile.c, src/fontfile/fileio.c: open files with
O_NOFOLLOW.
- CVE-2017-16611
Date: Wed, 29 Nov 2017 15:10:48 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/libxfont/1:2.0.1-4ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 29 Nov 2017 15:10:48 -0500
Source: libxfont
Binary: libxfont2 libxfont2-udeb libxfont-dev
Architecture: source
Version: 1:2.0.1-4ubuntu1
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libxfont-dev - X11 font rasterisation library (development headers)
libxfont2 - X11 font rasterisation library
libxfont2-udeb - X11 font rasterisation library (udeb)
Changes:
libxfont (1:2.0.1-4ubuntu1) bionic; urgency=medium
.
* SECURITY UPDATE: non-privileged arbitrary file access
- src/fontfile/dirfile.c, src/fontfile/fileio.c: open files with
O_NOFOLLOW.
- CVE-2017-16611
Checksums-Sha1:
54474a6d1bb1443dc039252c547e5ad3cc302155 2277 libxfont_2.0.1-4ubuntu1.dsc
62906f4a205d45ccfda937b260db602efae2931d 28296 libxfont_2.0.1-4ubuntu1.diff.gz
bbf7ebf3582c315f3f5cad0d0c954ef71304baa0 6389 libxfont_2.0.1-4ubuntu1_source.buildinfo
Checksums-Sha256:
28687b27455623f548ea21d66a9b46536e68d5b7c7a6915ae997452297ac3214 2277 libxfont_2.0.1-4ubuntu1.dsc
c79288cc0e4d061cb3b38afd0c14c8fc3ca0a3646247b8338e6e0db03b703c05 28296 libxfont_2.0.1-4ubuntu1.diff.gz
d30221ee76da963cc6b207897f8138f539c512e0ddd8070f87ee66a03d527633 6389 libxfont_2.0.1-4ubuntu1_source.buildinfo
Files:
abc781863fe6466c04e24b8454bfce5e 2277 x11 optional libxfont_2.0.1-4ubuntu1.dsc
3630b258d10e654bd2348f750086f542 28296 x11 optional libxfont_2.0.1-4ubuntu1.diff.gz
ae75b5faa0d91580112d2543cdaf23f3 6389 x11 optional libxfont_2.0.1-4ubuntu1_source.buildinfo
Original-Maintainer: Debian X Strike Force <debian-x at lists.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJaHxa0AAoJEGVp2FWnRL6TzTIQAJUYNT6n/yn81Y4uOwEhRxrZ
E2o3dE7X1v2dG3UhrD/J4eUwLGaKOZrcov37dWRVqfd1nJEEYPLtTu4/SfA8mlcQ
FFlbkffNu+yS+r2Mz+BcW5ApyMl6AhInOl1av0lVeDvO7/MutT048ypI5pcWR7id
+lEkdWT39dPoGBkz0iznl1IM+QlnjQw04HOJ9h354ueR0asLQUMvMy4LjMVwbtNm
wpSFmKsxyShIWWJvgCn0DBguJpWruUtTR/o6hFfQ0/leQfDNVXD+8R5T+AAGBpNq
dBzoVcUB7InC9FPzDKHeknwpc2P3lreEv+5jOnd36u8UVdJ4N/VBbLFufhdaBx19
n5R429Kp/G2BlbdcexdTL0yOTqM7ca8GHX9OoHw4Q5raLTJ6fRVWqu1y6iNiM1Ng
wD1MbuNX6AccPHLJjgSI0r7GMuZqCTWBUxVG7l3lUi2159TA/2Tws0mRYzVGHxiy
5coCD3XnXbUkD1WXv2yn9gabfwp/+Z7w5soW+Iw+IvuMMRdAh9NnQmO2OhDzEsNc
QICm3GOaqBfQYvzCjUiGT2St3Dx0k6AliECGnvajGkA97/mTT38VUMctyFV5jrnZ
GyyWyR+g5tFBPou1qJvjvEmCZWBd9Hncx6uIVSXMYmdL89tw1QD6vKrONl3F5mV6
UfFpsMSYTYKK2Bk3B4jz
=JJHI
-----END PGP SIGNATURE-----
More information about the Bionic-changes
mailing list