Debian has issued an advisory today (January 7): https://lists.debian.org/debian-security-announce/2014/msg00006.html More info, including a patch, is available in the upstream announcement: http://permalink.gmane.org/gmane.comp.security.oss.general/11814 The issue is also fixed upstream in 1.4.7. Reproducible: Steps to Reproduce:
CC: (none) => thierry.vignaudWhiteboard: (none) => MGA3TOO
Better link for the upstream announcement: http://lists.x.org/archives/xorg-announce/2014-January/002389.html
URL: (none) => http://lwn.net/Vulnerabilities/579639/
Fix in progress
Done
Status: NEW => RESOLVEDResolution: (none) => FIXED
libxfont-1.4.7-1.mga4 uploaded for Cauldron. Not fixed yet, as there's still Mageia 3.
Status: RESOLVED => REOPENEDVersion: Cauldron => 3Resolution: FIXED => (none)Whiteboard: MGA3TOO => (none)
Patched package uploaded for Mageia 3. Advisory: ======================== Updated libxfont packages fix security vulnerability: It was discovered that a buffer overflow in the processing of Glyph Bitmap Distribution fonts (BDF) could result in the execution of arbitrary code (CVE-2013-6462). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462 http://lists.x.org/archives/xorg-announce/2014-January/002389.html http://www.debian.org/security/2014/dsa-2838 ======================== Updated packages in core/updates_testing: ======================== libxfont1-1.4.5-3.1.mga3 libxfont1-devel-1.4.5-3.1.mga3 libxfont1-static-devel-1.4.5-3.1.mga3 from libxfont-1.4.5-3.1.mga3.src.rpm
Assignee: bugsquad => qa-bugs
CC: thierry.vignaud => (none)
As noted in the Ubuntu advisory, the arbitrary code execution shouldn't actually be possible due to compiler options used to build this, so it's just a denial of service vulnerability (malicious font could cause the X server to crash). http://www.ubuntu.com/usn/usn-2078-1/
*** Bug 12339 has been marked as a duplicate of this bug. ***
Checked Securityfocus, no specific PoC, just "Attackers can use readily available tools to exploit this issue" Testing mga3-32 for installation/general use.
CC: (none) => wrw105
Mga3-32 tested, no adverse effects on font display.
Whiteboard: (none) => mga3-32-OK
Mga3-64 tested, no adverse effects on font display. This just needs advisory uploaded to svn.
Whiteboard: mga3-32-OK => mga3-32-OK mga3-64-OK
Advisory uploaded. Validating. Could sysadmin please push from 3 core/updates_testing to updates Thanks
Keywords: (none) => validated_updateWhiteboard: mga3-32-OK mga3-64-OK => advisory mga3-32-OK mga3-64-OKCC: (none) => sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2014-0020.html
Status: REOPENED => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED