1
PublicDateAtUSN: 2015-03-18
2
Candidate: CVE-2015-1803
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803
6
http://www.openwall.com/lists/oss-security/2015/03/17/5
7
https://usn.ubuntu.com/usn/usn-2536-1
9
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before
10
1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it
11
cannot read, which allows remote authenticated users to cause a denial of
12
service (NULL pointer dereference and crash) and possibly execute arbitrary
13
code via a crafted BDF font file.
18
Discovered-by: Ilja van Sprundel, Alan Coopersmith, and William Robinet
22
upstream: http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=78c2e3d70d29698244f70164428bd2868c0ab34c
23
upstream_libxfont: released (1.4.9,1.5.1)
24
lucid_libxfont: released (1:1.4.1-1ubuntu0.4)
25
precise_libxfont: released (1:1.4.4-1ubuntu0.3)
26
trusty_libxfont: released (1:1.4.7-1ubuntu0.2)
27
utopic_libxfont: released (1:1.4.99.901-1ubuntu0.1)
28
devel_libxfont: released (1:1.4.99.901-1ubuntu1)