what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 4496-1

Debian Security Advisory 4496-1
Posted Aug 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4496-1 - Benno Fuenfstueck discovered that Pango, a library for layout and rendering of text with an emphasis on internationalization, is prone to a heap-based buffer overflow flaw in the pango_log2vis_get_embedding_levels function. An attacker can take advantage of this flaw for denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2019-1010238
SHA-256 | 08873062b1ae654980aee26f9f341f243ba2372412e9e64efa7a44e4eea86c3e

Debian Security Advisory 4496-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4496-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
August 11, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : pango1.0
CVE ID : CVE-2019-1010238
Debian Bug : 933860

Benno Fuenfstueck discovered that Pango, a library for layout and
rendering of text with an emphasis on internationalization, is prone to a
heap-based buffer overflow flaw in the pango_log2vis_get_embedding_levels
function. An attacker can take advantage of this flaw for denial of
service or potentially the execution of arbitrary code.

For the stable distribution (buster), this problem has been fixed in
version 1.42.4-7~deb10u1.

We recommend that you upgrade your pango1.0 packages.

For the detailed security status of pango1.0 please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/pango1.0

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl1QMblfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TNuhAAhi1fZW2f4T30VPfIfGdbZgGW+gO/1TH3eAqQXisy2ga4p5RJTIuNVUjx
mjD7FqYlrxuaAMuqqkCOEGTZIa8RVswjttcnsPZ+u9U8XhEWdbWy0iLq9+Ukkk2k
/bp5uHI1MCpG9pHY/cb2VKmK9XpBBZcykhR6fhoRgOt1MW/Qnmn+aNvGzfcSJugc
ZGziyvJ8FmVAqNpkuaiCTSbbx815LiZgd784X9VdN4hjso5uQfZfVSjwOVkXLnG2
oInrlP2GxKBptJAKtxe/Uzc1Bx6j7Q2iXUQPZ1O7d4e8/G7Knbsvub89eQSwJmHW
SmP//xLtmlq3bJGACekLs1cJgajLs7kfKxp+DI/Ar1PMZt3F5muMWTUSx1u33v9E
JiQD9q63Yhe8fAtPeFkb8HMu5fjYUCJ8fSEVs6bf0P2Ccy5hfZbsjs71YCUw+ddC
Pj2OFs5vFjOh8/Jr7bPHsmCiN+j4GKzHyOGdYxJcX7I62CVZDcJ27PXcbxpqEaj+
cxJ4oHdBz5L+LQUC4EoSIpCzv2Bt81xdibTUmx19sqTn5KdVl0H04PZoqstBYKwo
nzkouQd899moTQF33ECymphvrqGAx/ko6n/11w7QoY1EdTSuwTxyXOayu8I3NqGi
XKAKJyQJ7xEmwXIAvO25ZJLNO1d7p0pz7ij56BKYSnwb1xhYoekfS5
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close