Oval Definition:oval:org.opensuse.security:def:125954
Revision Date:2019-08-28Version:1
Title:Security update for fontforge (Moderate)
Description:

This update for fontforge fixes the following security issues:

fontforge was updated to 20170731, fixings lots of bugs and security issues.

- CVE-2017-11568: Heap-based buffer over-read in PSCharStringToSplines (bsc#1050161) - CVE-2017-11569: Heap-based buffer over-read in readttfcopyrights (bsc#1050181) - CVE-2017-11571: Stack-based buffer overflow in addnibble (bsc#1050185) - CVE-2017-11572: Heap-based buffer over-read in readcfftopdicts (bsc#1050187) - CVE-2017-11573: Over-read in ValidatePostScriptFontName (bsc#1050193) - CVE-2017-11574: Heap-based buffer overflow in readcffset (bsc#1050194) - CVE-2017-11575: Buffer over-read in strnmatch (bsc#1050195) - CVE-2017-11576: Ensure a positive size in a weight vector memcpycall in readcfftopdict (bsc#1050196) - CVE-2017-11577: Buffer over-read in getsid (bsc#1050200)
Family:unixClass:patch
Status:Reference(s):1050161
1050181
1050185
1050187
1050193
1050194
1050195
1050196
1050200
CVE-2017-11568
CVE-2017-11569
CVE-2017-11571
CVE-2017-11572
CVE-2017-11573
CVE-2017-11574
CVE-2017-11575
CVE-2017-11576
CVE-2017-11577
SUSE-SU-2019:2236-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Software Development Kit 12 SP4
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND fontforge-20170731-11.8.1 is installed
    • BACK