===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata54.html,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- www/errata54.html 2014/05/02 17:43:48 1.25
+++ www/errata54.html 2014/05/24 09:50:42 1.26
@@ -177,6 +177,20 @@
A source code patch exists which remedies this problem.
+
+010: SECURITY FIX: May 24, 2014
+ All architectures with X server
+X Font Service Protocol & Font metadata file handling issues in libXfont
+
+- CVE-2014-0209: integer overflow of allocations in font metadata file parsing
+
- CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies
+
- CVE-2014-0211: integer overflows calculating memory needs for xfs replies
+
+Please see the advisory for more information.
+
+
+A source code patch exists which remedies this problem.
+