Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 06:35:25 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1301256949&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0911-advisories%2FMDVSA-2009-158-2.txt%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1301256949.1338186925.1338186925.1338186925.1%3B%2B__utmz%3D32867617.1338186925.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/82759/MDVSA-2009-158-2.txt http://packetstormsecurity.org/files/82759/MDVSA-2009-158-2.txt http://packetstormsecurity.org/files/82759/Mandriva-Linux-Security-Advisory-2009-158.html Wed, 18 Nov 2009 15:53:20 GMT Mandriva Linux Security Advisory 2009-158 - Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. This update corrects the issue. pango for CS3 broke applications like MandrivaUpdate, mcc and so on. This update corrects this problem.