---
- branch: MAIN
  date: Fri May 23 13:18:56 UTC 2014
  files:
  - new: '1.6'
    old: '1.5'
    path: pkgsrc/emulators/suse131_x11/Makefile
    pathrev: pkgsrc/emulators/suse131_x11/Makefile@1.6
    type: modified
  - new: '1.6'
    old: '1.5'
    path: pkgsrc/emulators/suse131_x11/distinfo
    pathrev: pkgsrc/emulators/suse131_x11/distinfo@1.6
    type: modified
  id: 20140523T131856Z.fff91a00549420486f575c25654851dceadc9d65
  log: |
    Apply openSUSE Security Update: openSUSE-SU-2014:0711-1
    libXfont: Fixed multiple vulnerabilities

       An update that fixes three vulnerabilities is now available.

    Description:

       libxfont was updated to fix multiple vulnerabilities:
       - Integer overflow of allocations in font metadata file parsing
         (CVE-2014-0209).
       - Unvalidated length fields when parsing xfs protocol replies
         (CVE-2014-0210).
       - Integer overflows calculating memory needs for xfs replies
         (CVE-2014-0211).

       These vulnerabilities could be used by a local, authenticated user to
       raise privileges
       or by a remote attacker with control of the font server to execute code
        with the privileges of the X server.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/emulators/suse131_x11'
  unixtime: '1400851136'
  user: obache