FEDORA-2018-078b082cbe

security update in Fedora 28 for libgxps

Status: stable a year ago

Add patch for CVE-2018-10733

How to install

sudo dnf upgrade --advisory=FEDORA-2018-078b082cbe

Comments 14

This update has been submitted for testing by tomh.

This update has been pushed to testing.

Works great! LGTM! =)

karma: +1

works for me

karma: +1

Dear tomh,

thanks for the update. Can You confirm, that both CVE-2018-10733 (as mentioned in bug and changelog) and CVE-2018-10767 (as mentioned here) are fixed with this update?

Cheers

Works

karma: +1

This update has been submitted for batched by bodhi.

If it fixed both I would list them both. As far as I know there is no patch for the second one yet, or at least there wasn't when I built this. Well strictly speaking I had just finished building it when the second one came in but as there was no patch for it I pushed this out without waiting.

Sure, thanks for the clarification. The hint 'Add patch for CVE-2018-10767' in the update-details of FEDORA-2018-078b082cbe and FEDORA-2018-46f3f13c68 confused me.

Ah sorry didn't realise I had mixed up the numbers - will fix that.

tomh edited this update.

no harm done .) cheers!

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
low
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted a year ago
in testing a year ago
in stable a year ago
modified a year ago

Related Bugs 1

00 #1576112 CVE-2018-10733 libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c [fedora-all]

Automated Test Results