Sigurnosni nedostatak paketa graphite2

U programskom paketu graphite2 otkriven je sigurnosni nedostatak. Posljedice napada koji omogućuje nedostatak nisu poznate.

Paket:	graphite 2.x
Operacijski sustavi:	Mandriva Linux 2011
Problem:	nespecificirana pogreška
Iskorištavanje:	lokalno/udaljeno
Posljedica:	podmetanje zlonamjerno oblikovanih datoteka
Rješenje:	programska zakrpa proizvođača
Izvorni ID preporuke:	MDVSA-2011:174
Izvor:	Mandriva

Problem:
Točan uzrok nedostatka nije poznat.
Posljedica:
Iskorištavanje otkrivenog nedostatka uključuje podmetanje posebno oblikovanih TTF fontova, a posljedice napada nisu poznate.
Rješenje:
Korisnicima se savjetuje korištenje najnovije inačice.

Izvorni tekst preporuke

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:174
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : graphite2
 Date    : November 14, 2011
 Affected: 2011.
 _______________________________________________________________________

 Problem Description:

 Unspecified vulnerabilities were discovered in graphite2 conserning
 specially crafted TTF fonts and which has unknown impact. As a
 preemptive measure the new 1.0.3 version is being provided where this
 is fixed.
 _______________________________________________________________________

 References:

 https://bugzilla.mozilla.org/show_bug.cgi?id=631479
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2011:
 656a524a48dd18893b11d833b035e8e9 
2011/i586/libgraphite2_2-1.0.3-0.1-mdv2011.0.i586.rpm
 b8b93abba2950ed3b37e7fe1bb20c08b 
2011/i586/libgraphite2-devel-1.0.3-0.1-mdv2011.0.i586.rpm 
 92b38117eba6fae69ada0e8722a1217d  2011/SRPMS/graphite2-1.0.3-0.1.src.rpm

 Mandriva Linux 2011/X86_64:
 30f581a6ec696b5da463f035b6cf0b21 
2011/x86_64/lib64graphite2_2-1.0.3-0.1-mdv2011.0.x86_64.rpm
 a49510ae6097238f9faa87d28c174dc7 
2011/x86_64/lib64graphite2-devel-1.0.3-0.1-mdv2011.0.x86_64.rpm 
 92b38117eba6fae69ada0e8722a1217d  2011/SRPMS/graphite2-1.0.3-0.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFOwSdPmqjQ0CJFipgRAqfUAJkBuDW96f2Ta/w8z6Coznz8ZXdvsACguWNZ
yuU9uaUGh+WBGEZ3QWRO78s=
=eTLt
-----END PGP SIGNATURE-----

Sigurnosni nedostatak paketa graphite2

Tražilica portala

Aktivnosti

O CIS-u

Posljednje vijesti

Posljednji dokumenti

Sigurnosni nedostatak paketa graphite2

Tražilica portala

Aktivnosti

O CIS-u

Posljednje sigurnosne preporuke

Posljednje vijesti

Popularni članci

Posljednji dokumenti