9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.03 Low
EPSS
Percentile
90.9%
CentOS Errata and Security Advisory CESA-2016:0594
Graphite2 is a project within SIL’s Non-Roman Script Initiative and Language Software Development groups to provide rendering capabilities for complex non-Roman writing systems. Graphite can be used to create “smart fonts” capable of displaying writing systems with various complex behaviors. With respect to the Text Encoding Model, Graphite handles the “Rendering” aspect of writing system implementation.
The following packages have been upgraded to a newer upstream version: graphite2 (1.3.6).
Security Fix(es):
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2016-April/083973.html
Affected packages:
graphite2
graphite2-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2016:0594
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 7 | i686 | graphite2 | < 1.3.6-1.el7_2 | graphite2-1.3.6-1.el7_2.i686.rpm |
CentOS | 7 | x86_64 | graphite2 | < 1.3.6-1.el7_2 | graphite2-1.3.6-1.el7_2.x86_64.rpm |
CentOS | 7 | i686 | graphite2-devel | < 1.3.6-1.el7_2 | graphite2-devel-1.3.6-1.el7_2.i686.rpm |
CentOS | 7 | x86_64 | graphite2-devel | < 1.3.6-1.el7_2 | graphite2-devel-1.3.6-1.el7_2.x86_64.rpm |
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.03 Low
EPSS
Percentile
90.9%