Oval Definition:oval:org.mitre.oval:def:13520
Revision Date:2014-06-23Version:20
Title:DSA-1798-1 pango1.0 -- integer overflow
Description:Will Drewry discovered that pango, a system for layout and rendering of internationalised text, is prone to an integer overflow via long glyphstrings. This could cause the execution of arbitrary code when displaying crafted data through an application using the pango library. For the stable distribution, this problem has been fixed in version 1.20.5-3+lenny1. For the oldstable distribution, this problem has been fixed in version 1.14.8-5+etch1. For the testing distribution and the unstable distribution , this problem has been fixed in version 1.24-1. We recommend that you upgrade your pango1.0 packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-1194
DSA-1798-1
Platform(s):Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s):pango1.0
Definition Synopsis
  • Release section
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • libpango1.0-doc DPKG is earlier than 1.20.5-3+lenny1
  • OR libpango1.0-common DPKG is earlier than 1.20.5-3+lenny1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • libpango1.0-0 DPKG is earlier than 1.20.5-3+lenny1
  • OR libpango1.0-0-dbg DPKG is earlier than 1.20.5-3+lenny1
  • OR libpango1.0-dev DPKG is earlier than 1.20.5-3+lenny1
  • OR Release section
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • libpango1.0-doc DPKG is earlier than 1.14.8-5+etch1
  • OR libpango1.0-common DPKG is earlier than 1.14.8-5+etch1
  • OR libpango1.0-0 DPKG is earlier than 1.14.8-5+etch1
  • OR libpango1.0-0-dbg DPKG is earlier than 1.14.8-5+etch1
  • OR libpango1.0-dev DPKG is earlier than 1.14.8-5+etch1
    • BACK