UbuntuUpdates.org

Package "libfontconfig1"

Name: libfontconfig1

Description:

generic font configuration library - runtime

Latest version: 2.11.94-0ubuntu1.1
Release: xenial (16.04)
Level: security
Repository: main
Head package: fontconfig

Links


Download "libfontconfig1"


Other versions of "libfontconfig1" in Xenial

Repository Area Version
base main 2.11.94-0ubuntu1
updates main 2.11.94-0ubuntu1.1

Changelog

Version: 2.11.94-0ubuntu1.1 2016-08-17 18:07:08 UTC

  fontconfig (2.11.94-0ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: double free when handling cache files
    - debian/patches/CVE-2016-5384.patch: properly validate offsets in
      cache files in src/fccache.c.
    - CVE-2016-5384

 -- Marc Deslauriers <email address hidden> Tue, 16 Aug 2016 13:27:38 -0400

CVE-2016-5384 fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free att



About   -   Send Feedback to @ubuntu_updates