UbuntuUpdates.org

Package "fontconfig"

Name: fontconfig

Description:

generic font configuration library - support binaries

Latest version: 2.8.0-3ubuntu9.2
Release: precise (12.04)
Level: security
Repository: main

Links


Download "fontconfig"


Other versions of "fontconfig" in Precise

Repository Area Version
base main 2.8.0-3ubuntu9
updates main 2.8.0-3ubuntu9.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.8.0-3ubuntu9.2 2016-08-17 18:07:05 UTC

  fontconfig (2.8.0-3ubuntu9.2) precise-security; urgency=medium

  * SECURITY UPDATE: double free when handling cache files
    - debian/patches/08_CVE-2016-5384.patch: properly validate offsets in
      cache files in src/fccache.c.
    - CVE-2016-5384

 -- Marc Deslauriers <email address hidden> Tue, 16 Aug 2016 13:33:30 -0400

CVE-2016-5384 fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free att



About   -   Send Feedback to @ubuntu_updates