Oval Definition:oval:com.redhat.rhsa:def:20140018
Revision Date:2014-01-10Version:636
Title:RHSA-2014:0018: libXfont security update (Important)
Description:The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System.

  • A stack-based buffer overflow flaw was found in the way the libXfont library parsed Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2013-6462)

    Users of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2013-6462
    CVE-2013-6462
    RHSA-2014:0018
    RHSA-2014:0018-00
    RHSA-2014:0018-03
    Platform(s):Red Hat Enterprise Linux 5
    Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • libXfont is earlier than 0:1.2.2-1.0.5.el5_10
  • AND libXfont is signed with Red Hat redhatrelease2 key
  • libXfont-devel is earlier than 0:1.2.2-1.0.5.el5_10
  • AND libXfont-devel is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • libXfont is earlier than 0:1.4.5-3.el6_5
  • AND libXfont is signed with Red Hat redhatrelease2 key
  • libXfont-devel is earlier than 0:1.4.5-3.el6_5
  • AND libXfont-devel is signed with Red Hat redhatrelease2 key
    • BACK