| Description: | Fontconfig is designed to locate fonts within the system and select them according to requirements specified by applications.
Security Fix(es):
It was found that cache files were insufficiently validated in fontconfig. A local attacker could create a specially crafted cache file to trigger arbitrary free() calls, which in turn could lead to arbitrary code execution. (CVE-2016-5384)
Red Hat would like to thank Tobias Stoeckmann for reporting this issue.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
|