libXfont security update

CentOS Errata and Security Advisory CESA-2014:0018

The libXfont packages provide the X.Org libXfont runtime library. X.Org is
an open source implementation of the X Window System.

A stack-based buffer overflow flaw was found in the way the libXfont
library parsed Glyph Bitmap Distribution Format (BDF) fonts. A malicious,
local user could exploit this issue to potentially execute arbitrary code
with the privileges of the X.Org server. (CVE-2013-6462)

Users of libXfont should upgrade to these updated packages, which contain
a backported patch to resolve this issue. All running X.Org server
instances must be restarted for the update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2014-January/082265.html
https://lists.centos.org/pipermail/centos-announce/2014-January/082266.html

Affected packages:
libXfont
libXfont-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2014:0018