Debian Security Advisory
DLA-183-1 libxfont -- LTS security update
- Date Reported:
- 28 Mar 2015
- Affected Packages:
- libxfont
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2015-1802, CVE-2015-1803, CVE-2015-1804.
- More information:
-
Ilja van Sprundel, Alan Coopersmith and William Robinet discovered multiple issues in libxfont's code to process BDF fonts, which might result in privilege escalation.
For Debian 6
Squeeze
, these issues have been fixed in libxfont version 1:1.4.1-5+deb6u1
