https://bugzilla.redhat.com/show_bug.cgi?id=1500690 Bug ID: 1500690 Summary: CVE-2017-13720 libXfont: Insufficient input validation in fontdir.c Product: Security Response Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team(a)redhat.com Reporter: anemec(a)redhat.com CC: ajax(a)redhat.com, alexl(a)redhat.com, btissoir(a)redhat.com, caillon+fedoraproject(a)gmail.com, caolanm(a)redhat.com, fonts-bugs(a)lists.fedoraproject.org, jglisse(a)redhat.com, john.j5live(a)gmail.com, mbarnes(a)fastmail.com, rhughes(a)redhat.com, rstrode(a)redhat.com, sandmann(a)redhat.com It was discovered that libXfont incorrectly handled certain patterns in PatternMatch. A local attacker could use this issue to cause libXfont to crash, resulting in a denial of service, or possibly obtain sensitive information. Upstream patch: https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d1e670a4a8704b8... -- You are receiving this mail because: You are on the CC list for the bug.