MGASA-2016-0097
Advisory lineage Upstream: 14 Downstream: 0
Published: 07 Mar 2016, 11:20
Last modified:16 Apr 2026, 06:25
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
07 Mar 2016, 11:20
Published
Vulnerability first disclosed
16 Apr 2026, 06:25
Last Modified
Vulnerability information updated
Description
Updated graphite2 package fixes security vulnerabilities Updated graphite2 packages fix security vulnerabilities: Multiple security flaws were found in the graphite2 font library. A web page or document containing malicious content could cause an application using graphite2 to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802). The graphite2 package has been updated to version 1.3.6 which fixes these security issues.
Affected Systems
- mageia•graphite2
< 1.3.6-1.mga5
References (6)
- https://advisories.mageia.org/MGASA-2016-0097.html
- https://bugs.mageia.org/show_bug.cgi?id=17866
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- https://github.com/silnrsi/graphite/releases/tag/1.3.6
- https://lists.fedoraproject.org/pipermail/package-announce/2016-March/178192.html
- https://rhn.redhat.com/errata/RHSA-2016-0373.html