Download
| Alert*
oval:org.secpod.oval:def:201580
Pango is a library used for the layout and rendering of internationalized text. A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping engine used in Pango. If a user loaded a specially-crafted font file with an application that uses Pango, it could cause the application to crash or, ... oval:org.secpod.oval:def:201901 Pango is a library used for the layout and rendering of internationalized text. An input sanitization flaw, leading to an array index error, was found in the way the Pango font rendering library synthesized the Glyph Definition table from a font"s character map and the Unicode property database. If ... oval:org.secpod.oval:def:201924 Pango is a library used for the layout and rendering of internationalized text. An input sanitization flaw, leading to an array index error, was found in the way the Pango font rendering library synthesized the Glyph Definition table from a font"s character map and the Unicode property database. If ... oval:org.secpod.oval:def:201550 Pango is a library used for the layout and rendering of internationalized text. A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping engine used in Pango. If a user loaded a specially-crafted font file with an application that uses Pango, it could cause the application to crash or, ... oval:org.secpod.oval:def:203103 pango is installed oval:org.secpod.oval:def:66453 Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Security Fix: * pango: pango_log2vis_get_embedding_levels heap-based buffer overflow For more details about the security iss ... oval:org.secpod.oval:def:500218 Pango is a library used for the layout and rendering of internationalized text. It was discovered that Pango did not check for memory reallocation failures in the hb_buffer_ensure function. An attacker able to trigger a reallocation failure by passing sufficiently large input to an application using ... oval:org.secpod.oval:def:1503559 Updated pango and evolution28-pango packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed ... oval:org.secpod.oval:def:500187 Pango is a library used for the layout and rendering of internationalized text. An input sanitization flaw, leading to a heap-based buffer overflow, was found in the way Pango displayed font files when using the FreeType font engine back end. If a user loaded a malformed font file with an applicatio ... oval:org.secpod.oval:def:500386 Pango is a library used for the layout and rendering of internationalized text. An input sanitization flaw, leading to an array index error, was found in the way the Pango font rendering library synthesized the Glyph Definition table from a font"s character map and the Unicode property database. If ... oval:org.secpod.oval:def:1503288 Updated pango packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ... oval:org.secpod.oval:def:201961 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:500681 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:202127 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:66422 GNOME is the default desktop environment of Red Hat Enterprise Linux. Security Fix: * evince: uninitialized memory use in function tiff_document_render and tiff_document_get_thumbnail * gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd For more details about the security issue, includin ... oval:org.secpod.oval:def:115057 Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango can be used anywhere that text layout is needed, though most of the work on Pango so far has been done in the context of the GTK+ widget toolkit. Pango forms the core of text and font handling fo ... oval:org.secpod.oval:def:89049625 This update for pango fixes the following issues: Security issue fixed: - CVE-2018-15120: Fixed a denial of service when parsing emoji oval:org.secpod.oval:def:500138 Pango is a library used for the layout and rendering of internationalized text. A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping engine used in Pango. If a user loaded a specially-crafted font file with an application that uses Pango, it could cause the application to crash or, ... oval:org.secpod.oval:def:1504912 accountsservice [0.6.55-1] - Rebase to 0.6.55 Resolves: #1846376 atkmm [2.24.2-7] - Rebuild for annobin fixes - Resolves: rhbz#1703969 cairomm [1.12.0-8] - Rebuild for the annobin fixes - Resolves: rhbz#1703971 chrome-gnome-shell [10.1-7] - Disable updates support Resolves: #1802105 dleyna-core [0.6 ... oval:org.secpod.oval:def:503320 Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Security Fix: * pango: pango_log2vis_get_embedding_levels heap-based buffer overflow For more details about the security iss ... oval:org.secpod.oval:def:205358 Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Security Fix: * pango: pango_log2vis_get_embedding_levels heap-based buffer overflow For more details about the security iss ... oval:org.secpod.oval:def:2500036 GNOME is the default desktop environment of AlmaLinux. oval:org.secpod.oval:def:504388 GNOME is the default desktop environment of Red Hat Enterprise Linux. Security Fix: * evince: uninitialized memory use in function tiff_document_render and tiff_document_get_thumbnail * gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd For more details about the security issue, includin ... oval:org.secpod.oval:def:1504530 accountsservice [0.6.50-7] - Dont send change updates for login history changes Resolves: #1713080 appstream-data [8-20190805] - Regenerate the RHEL metadata to include the latest cockpit changes - Resolves: #1673011 [8-20190719] - Regenerate the RHEL metadata - Resolves: #1673011 [8-20180721] - Reg ... |