[Bug 1474257] New: fc-cache in multilib does not create 32bit cache
files
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1474257
Bug ID: 1474257
Summary: fc-cache in multilib does not create 32bit cache files
Product: Fedora
Version: rawhide
Component: fontconfig
Assignee: tagoh(a)redhat.com
Reporter: tagoh(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org,
i18n-bugs(a)lists.fedoraproject.org, pnemade(a)redhat.com,
tagoh(a)redhat.com
Blocks: 1468978
Description of problem:
On 64bit env, there are no way to generate {be,le}32d{4,8} caches unless
removing 64bit version of packages because the 32bit version of fc-cache binary
is hidden by the package manager. need to have separate binary to address like
gtk does.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1468978
[Bug 1468978] fc-cache in multilib does not create 32bit cache files
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 1 month
[Bug 1485789] New: bogus permissions on /usr/share/doc/urw-fonts
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1485789
Bug ID: 1485789
Summary: bogus permissions on /usr/share/doc/urw-fonts
Product: Fedora
Version: 26
Component: urw-fonts
Assignee: dkaspar(a)redhat.com
Reporter: rc040203(a)freenet.de
QA Contact: extras-qa(a)fedoraproject.org
CC: dkaspar(a)redhat.com,
fonts-bugs(a)lists.fedoraproject.org, than(a)redhat.com
Description of problem:
The urw-fonts package's permission on /usr/share/doc/urw-fonts are set
read-only:
$ rpm -qlv urw-fonts | grep doc
drw-r--r-- 2 root root 0 Feb 12 2017
/usr/share/doc/urw-fonts
-rw-r--r-- 1 root root 17992 Apr 23 2001
/usr/share/doc/urw-fonts/COPYING
-rw-r--r-- 1 root root 2245 Jan 18 2002
/usr/share/doc/urw-fonts/README
-rw-r--r-- 1 root root 1317 Jul 12 2002
/usr/share/doc/urw-fonts/README.tweaks
Version-Release number of selected component (if applicable):
urw-fonts-2.4-23.fc26.noarch
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 2 months
[Bug 1504381] New: libXfont-1.5.3 is available
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1504381
Bug ID: 1504381
Summary: libXfont-1.5.3 is available
Product: Fedora
Version: rawhide
Component: libXfont
Keywords: FutureFeature, Triaged
Assignee: btissoir(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: ajax(a)redhat.com, alexl(a)redhat.com,
btissoir(a)redhat.com, caillon+fedoraproject(a)gmail.com,
caolanm(a)redhat.com,
fonts-bugs(a)lists.fedoraproject.org,
jglisse(a)redhat.com, john.j5live(a)gmail.com,
mbarnes(a)fastmail.com, rhughes(a)redhat.com,
rstrode(a)redhat.com, sandmann(a)redhat.com
Latest upstream release: 1.5.3
Current version/release in rawhide: 1.5.2-5.fc28
URL: http://xorg.freedesktop.org/archive/individual/lib/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/1776/
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 2 months
[Bug 1500693] New: CVE-2017-13722 libXfont:
Insufficient input validation in pcfread.c
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1500693
Bug ID: 1500693
Summary: CVE-2017-13722 libXfont: Insufficient input validation
in pcfread.c
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: ajax(a)redhat.com, alexl(a)redhat.com,
btissoir(a)redhat.com, caillon+fedoraproject(a)gmail.com,
caolanm(a)redhat.com,
fonts-bugs(a)lists.fedoraproject.org,
jglisse(a)redhat.com, john.j5live(a)gmail.com,
mbarnes(a)fastmail.com, rhughes(a)redhat.com,
rstrode(a)redhat.com, sandmann(a)redhat.com
It was discovered that libXfont incorrectly handled certain malformed PCF
files. A local attacker could use this issue to cause libXfont to crash,
resulting in a denial of service, or possibly obtain sensitive information.
Upstream patch:
https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=672bb944311392e...
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 3 months
[Bug 1500690] New: CVE-2017-13720 libXfont:
Insufficient input validation in fontdir.c
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1500690
Bug ID: 1500690
Summary: CVE-2017-13720 libXfont: Insufficient input validation
in fontdir.c
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: ajax(a)redhat.com, alexl(a)redhat.com,
btissoir(a)redhat.com, caillon+fedoraproject(a)gmail.com,
caolanm(a)redhat.com,
fonts-bugs(a)lists.fedoraproject.org,
jglisse(a)redhat.com, john.j5live(a)gmail.com,
mbarnes(a)fastmail.com, rhughes(a)redhat.com,
rstrode(a)redhat.com, sandmann(a)redhat.com
It was discovered that libXfont incorrectly handled certain patterns in
PatternMatch. A local attacker could use this issue to cause libXfont to
crash, resulting in a denial of service, or possibly obtain sensitive
information.
Upstream patch:
https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d1e670a4a8704b8...
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 3 months
[Bug 1475398] New:
CVE-2017-11568 CVE-2017-11569 CVE-2017-11570 CVE-2017-11571 CVE-2017-11572
CVE-2017-11573 CVE-2017-11574 CVE-2017-11575 CVE-2017-11576 CVE-2017-11577
fontforge
: various flaws [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1475398
Bug ID: 1475398
Summary: CVE-2017-11568 CVE-2017-11569 CVE-2017-11570
CVE-2017-11571 CVE-2017-11572 CVE-2017-11573
CVE-2017-11574 CVE-2017-11575 CVE-2017-11576
CVE-2017-11577 fontforge: various flaws [fedora-all]
Product: Fedora
Version: 26
Component: fontforge
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Assignee: kevin(a)scrye.com
Reporter: anemec(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com,
paul(a)frixxon.co.uk, pnemade(a)redhat.com
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 4 months