Security
Headlines
HeadlinesLatestCVEs

Headline

Debian Security Advisory 5641-1

Debian Linux Security Advisory 5641-1 - It was discovered that fontforge, a font editor, is prone to shell command injection vulnerabilities when processing specially crafted files.

Packet Storm
#vulnerability#linux#debian#js
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5641-1                   [email protected]://www.debian.org/security/                     Salvatore BonaccorsoMarch 19, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : fontforgeCVE ID         : CVE-2024-25081 CVE-2024-25082Debian Bug     : 1064967It was discovered that fontforge, a font editor, is prone to shell commandinjection vulnerabilities when processing specially crafted files.For the oldstable distribution (bullseye), these problems have been fixedin version 1:20201107~dfsg-4+deb11u1.For the stable distribution (bookworm), these problems have been fixed inversion 1:20230101~dfsg-1.1~deb12u1.We recommend that you upgrade your fontforge packages.For the detailed security status of fontforge please refer toits security tracker page at:https://security-tracker.debian.org/tracker/fontforgeFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmX5+otfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0QM6w/+I599jlPtxJcdadbT6efjRaGYhhj3ICkPG+l3Y+h7hcPAW8VbfdxR3ztPjYbqf1a6R1cb67NAunRLIkouA7uf1o5zix6bGmcLSmuwiqfoqGQOrQXKMZE6fvovYjzWVbQ+W9P+b3fywip7VI+pjC+coliYO/Y+6E0Ylg3GmVq5p/W9SGjefSNI8SKvQmZaUaVnEBVrX+riQ4AncOTKrIrV19mmbwKzZ5FgYLQVvhNrWimNO04RbNi/t+Dcr7rITXc4+e3guBlKjEuOaTdvWtMpwXxxAUU+Tqvgya8OQc10dHHKIIPbvJ1rhi2qk/+vdy6rbde7hwMqgBNUOFoJsIrn5+1bu7BPwU7IDp5C0ibZ/jtisc3JjtxHj5yz61n/d8+/+usRjKcAos/MKZa988KSNXUyqIv0NQ4Xk5l3AxDdBArDtxfMGKLuzYWMsVD7tlFuu7UcuyI7YY1FJcTDygoDb/CunXBq7yjMh9DEPQEMkWu6gFdge1gXWw20s0dko9Ypwtoe3BZ5ucbcyHjcfyAzlk+m2LIVO7TQJ5NvRuNuuE/kr+SDWbx4PIjidr5VslvGp2Nx784163P8fduUTxfSNLktsGdqPZmJI6R4FslQjd9oIgTd+/f1VU6tRTu8OcCqREfkwRVhtYrsTjwVvZ4x1OqAnKoxAGMCCCC7jzdk0JM==0dXN-----END PGP SIGNATURE-----

Related news

Red Hat Security Advisory 2024-9439-03

Red Hat Security Advisory 2024-9439-03 - An update for fontforge is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2024-4267-03

Red Hat Security Advisory 2024-4267-03 - An update for fontforge is now available for Red Hat Enterprise Linux 8. Issues addressed include a code execution vulnerability.

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution