Debian Security Advisory
DSA-2293-1 libxfont -- buffer overflow
- Date Reported:
- 12 Aug 2011
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2011-2895.
- More information:
Tomas Hoger found a buffer overflow in the X.Org libXfont library, which may allow for a local privilege escalation through crafted font files.
For the oldstable distribution (lenny), this problem has been fixed in version 1.3.3-2.
For the stable distribution (squeeze), this problem has been fixed in version 1.4.1-3.
For the unstable distribution (sid), this problem has been fixed in version 1.4.4-1.
We recommend that you upgrade your libxfont packages.