UbuntuUpdates.org

Package "fontconfig"

Name: fontconfig

Description:

generic font configuration library - support binaries

Latest version: 2.11.94-0ubuntu1.1
Release: xenial (16.04)
Level: security
Repository: main

Links


Download "fontconfig"


Other versions of "fontconfig" in Xenial

Repository Area Version
base main 2.11.94-0ubuntu1
updates main 2.11.94-0ubuntu1.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.11.94-0ubuntu1.1 2016-08-17 18:07:08 UTC

  fontconfig (2.11.94-0ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: double free when handling cache files
    - debian/patches/CVE-2016-5384.patch: properly validate offsets in
      cache files in src/fccache.c.
    - CVE-2016-5384

 -- Marc Deslauriers <email address hidden> Tue, 16 Aug 2016 13:27:38 -0400

CVE-2016-5384 fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free att



About   -   Send Feedback to @ubuntu_updates