Oval Definition:	oval:com.redhat.rhsa:def:20090476
Revision Date: 2009-05-08 Version: 638 Title: RHSA-2009:0476: pango security update (Important) Description: Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango's pango_glyph_string_set_size() function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the permissions of the application calling Pango. (CVE-2009-1194) pango and evolution28-pango users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, you must restart your system or restart the X server for the update to take effect. Note: Restarting the X server closes all open applications and logs you out of your session. Family: unix Class: patch Status: Reference(s): CVE-2009-1194 RHSA-2009:0476 RHSA-2009:0476-01 RHSA-2009:0476-01 Platform(s): Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 3 is installed AND pango-devel is earlier than 0:1.2.5-8 AND pango-devel is signed with Red Hat master key pango is earlier than 0:1.2.5-8 AND pango is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 4 is installed AND pango is earlier than 0:1.6.0-14.4_7 AND pango is signed with Red Hat master key pango-devel is earlier than 0:1.6.0-14.4_7 AND pango-devel is signed with Red Hat master key evolution28-pango-devel is earlier than 0:1.14.9-11.el4_7 AND evolution28-pango-devel is signed with Red Hat master key evolution28-pango is earlier than 0:1.14.9-11.el4_7 AND evolution28-pango is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 5 is installed AND pango is earlier than 0:1.14.9-5.el5_3 AND pango is signed with Red Hat redhatrelease key pango-devel is earlier than 0:1.14.9-5.el5_3 AND pango-devel is signed with Red Hat redhatrelease key Definition Synopsis Release Information Red Hat Enterprise Linux 3 is installed AND pango is earlier than 0:1.2.5-8 AND pango is signed with Red Hat master key pango-devel is earlier than 0:1.2.5-8 AND pango-devel is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 4 is installed AND pango is earlier than 0:1.6.0-14.4_7 AND pango is signed with Red Hat master key pango-devel is earlier than 0:1.6.0-14.4_7 AND pango-devel is signed with Red Hat master key evolution28-pango is earlier than 0:1.14.9-11.el4_7 AND evolution28-pango is signed with Red Hat master key evolution28-pango-devel is earlier than 0:1.14.9-11.el4_7 AND evolution28-pango-devel is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 5 is installed AND pango is earlier than 0:1.14.9-5.el5_3 AND pango is signed with Red Hat redhatrelease key pango-devel is earlier than 0:1.14.9-5.el5_3 AND pango-devel is signed with Red Hat redhatrelease key Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 4 is installed AND pango is earlier than 0:1.6.0-14.4_7 AND pango is signed with Red Hat redhatrelease2 key pango-devel is earlier than 0:1.6.0-14.4_7 AND pango-devel is signed with Red Hat redhatrelease2 key evolution28-pango is earlier than 0:1.14.9-11.el4_7 AND evolution28-pango is signed with Red Hat redhatrelease2 key evolution28-pango-devel is earlier than 0:1.14.9-11.el4_7 AND evolution28-pango-devel is signed with Red Hat redhatrelease2 key OR Package Information Red Hat Enterprise Linux 5 is installed AND pango is earlier than 0:1.14.9-5.el5_3 AND pango is signed with Red Hat redhatrelease2 key pango-devel is earlier than 0:1.14.9-5.el5_3 AND pango-devel is signed with Red Hat redhatrelease2 key
BACK