Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2011:1325
HistorySep 22, 2011 - 8:48 p.m.

evolution28 security update

2011-09-2220:48:41
CentOS Project
lists.centos.org
50

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.022 Low

EPSS

Percentile

89.5%

JSON

CentOS Errata and Security Advisory CESA-2011:1325

Pango is a library used for the layout and rendering of internationalized
text.

A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping
engine used in Pango. If a user loaded a specially-crafted font file with
an application that uses Pango, it could cause the application to crash or,
possibly, execute arbitrary code with the privileges of the user running
the application. (CVE-2011-3193)

Users of evolution28-pango are advised to upgrade to these updated
packages, which contain a backported patch to resolve this issue. After
installing this update, you must restart your system or restart the X
server for the update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2011-September/080232.html
https://lists.centos.org/pipermail/centos-announce/2011-September/080233.html

Affected packages:
evolution28-pango
evolution28-pango-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2011:1325

Related

openvas 34
nessus 27
redhat 6
oraclelinux 6
centos 3
nvd 1
veracode 1
cvelist 1
prion 1
ubuntucve 1
cve 1
debiancve 1
debian 1
gentoo 1
osv 1
ubuntu 1
openvas
openvas
CentOS Update for pango CESA-2011:1326 centos5 i386
2011-09-23 00:00:00
CentOS Update for frysk CESA-2011:1327 centos4 i386
2011-09-23 00:00:00
CentOS Update for evolution28-pango CESA-2011:1325 centos4 x86_64
2012-07-30 00:00:00
nessus
nessus
CentOS 4 : frysk (CESA-2011:1327)
2011-09-23 00:00:00
RHEL 4 : evolution28-pango (RHSA-2011:1325)
2011-09-22 00:00:00
Oracle Linux 4 : frysk (ELSA-2011-1327)
2013-07-12 00:00:00
redhat
redhat
(RHSA-2011:1327) Moderate: frysk security update
2011-09-21 00:00:00
(RHSA-2011:1326) Moderate: pango security update
2011-09-21 00:00:00
(RHSA-2011:1325) Moderate: evolution28-pango security update
2011-09-21 00:00:00
oraclelinux
oraclelinux
evolution28-pango security update
2011-09-21 00:00:00
pango security update
2011-09-21 00:00:00
frysk security update
2011-09-21 00:00:00
centos
centos
frysk security update
2011-09-22 20:50:51
pango security update
2011-09-22 03:15:49
qt4 security update
2011-09-22 03:19:27
nvd
nvd
CVE-2011-3193
2012-06-16 00:55:03
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:02:50
cvelist
cvelist
CVE-2011-3193
2012-06-16 00:00:00
prion
prion
Heap overflow
2012-06-16 00:55:00
ubuntucve
ubuntucve
CVE-2011-3193
2012-06-15 00:00:00
cve
cve
CVE-2011-3193
2012-06-16 00:55:03
debiancve
debiancve
CVE-2011-3193
2012-06-16 00:55:03
debian
debian
[SECURITY] [DLA 117-1] qt4-x11 security update
2014-12-21 16:26:39
gentoo
gentoo
QtCore, QtGui: Multiple vulnerabilities
2013-11-22 00:00:00
osv
osv
qt4-x11 - security update
2014-12-21 00:00:00
ubuntu
ubuntu
Qt vulnerabilities
2012-07-11 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.022 Low

EPSS

Percentile

89.5%

JSON
Related for CESA-2011:1325
openvas34nessus27redhat6oraclelinux6centos3nvd1veracode1cvelist1prion1ubuntucve1cve1debiancve1debian1gentoo1osv1ubuntu1