[ MDVSA-2015:223 ] directfb

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:223
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : directfb
 Date    : May 4, 2015
 Affected: Business Server 1.0, Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated directfb packages fix security vulnerabilities:
 
 Multiple integer signedness errors in the Dispatch_Write function
 in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB allow
 remote attackers to cause a denial of service (crash) and possibly
 execute arbitrary code via the Voodoo interface, which triggers a
 stack-based buffer overflow (CVE-2014-2977).
 
 The Dispatch_Write function in
 proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB allows
 remote attackers to cause a denial of s

Leave a Reply