similar to: CentOS-announce Digest, Vol 117, Issue 14

CentOS Errata and Security Advisory 2014:1893 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1893.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: b0d5d2c56dc2794ccd036623672af58746d121b5341744c2f7c16b30120faa5c libXfont-1.2.2-1.0.6.el5_11.i386.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit https://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

CentOS Errata and Security Advisory 2015:1706 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1706.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: bba46a116e6b5186632655032db42a9ff77c7b0ef3076e21cb4805d8c1c88a8b bind-9.3.6-25.P1.el5_11.4.i386.rpm

CentOS Errata and Enhancement Advisory 2014:1898 Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-1898.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 04c48a90c887dc9f7334dbc1b80bda482a5ad3ed7b41b313e374397ca1a93b0a dovecot-1.0.7-9.el5_11.4.i386.rpm x86_64:

CentOS Errata and Security Advisory 2015:2658 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-2658.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 0dc7e37c9a0bfb8cfbe4ed0f47b8a2a7203c8e0827f1c1c3e58ad2e89acbceda bind97-9.7.0-21.P2.el5_11.4.i386.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

CentOS Errata and Bugfix Advisory 2016:1658 Upstream details at : https://rhn.redhat.com/errata/RHBA-2016-1658.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 7e60ccf2518f1d21f09b8dd19edb4130d43fe0442b3d0a9446aa78ec16d62763 cman-2.0.115-124.el5_11.4.i386.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit https://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

Matt Turner (1): libXfont 1.5.3 Michal Srb (2): Check for end of string in PatternMatch (CVE-2017-13720) pcfGetProperties: Check string boundaries (CVE-2017-13722) git tag: libXfont-1.5.3 https://xorg.freedesktop.org/archive/individual/lib/libXfont-1.5.3.tar.bz2 MD5: 9ba75bf38ba62a6ad52550ab716da9b3 libXfont-1.5.3.tar.bz2 SHA1: 628b8ca2207f09324b8926084318a2fa2edb16d1

Matthieu Herrb (1): libXfont 1.5.4 Michal Srb (1): Open files with O_NOFOLLOW. (CVE-2017-16611) git tag: libXfont-1.5.4 https://xorg.freedesktop.org/archive/individual/lib/libXfont-1.5.4.tar.bz2 MD5: 16eaf156edd79b68038b6a7c44aa9e9b libXfont-1.5.4.tar.bz2 SHA1: 9db050f63b9c4cb19e0dbb40575558ccb95719ca libXfont-1.5.4.tar.bz2 SHA256:

Maintenance branch release, primarily for bdftopcf's benefit as it's the only thing that really needs the Xfont1 API. (xfs uses it too, I believe, but could be ported to Xfont2). If someone wanted to step up and merge Xfont1 into bdtopcf directly, that'd be great. Adam Jackson (1):       libXfont 1.5.2 Alan Coopersmith (1):       doc: add a couple olinks to fsproto & xfs-design

Adam Jackson (1): libXfont 1.3.2 Jens Granseuer (1): fix build with gcc 2.95. Matthieu Herrb (3): catalogue.c: prevent a one character overflow ftsystem.c is not needed anymore. Fix for CVE-2008-0006 - PCF Font parser buffer overflow. Tilman Sauerbeck (1): Replaced one instance of bcopy() with memcpy(). git tag: libXfont-1.3.2

This release of libXfont provides the fixes for today's security advisory about BDF font parsing bugs. Like libXfont 1.5.0, it requires fontsproto 2.1.3 or later and will not build cleanly with older versions. Alan Coopersmith (6): Remove unneeded checks for #ifndef X_NOT_POSIX Use 'imdent' to realign cpp indentation levels in fslibos.h bdfReadProperties: property

This release of libXfont provides the fixes for today's security advisory about BDF font parsing bugs. Like libXfont 1.4.8, it requires fontsproto 2.1.2 or earlier and will not build cleanly with newer versions. Alan Coopersmith (4): bdfReadProperties: property count needs range check [CVE-2015-1802] bdfReadCharacters: bailout if a char's bitmap cannot be read [CVE-2015-1803]

CentOS Errata and Security Advisory 2014:0018 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0018.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 5d177ebe7d19a7515f179bf06b534b16be5c3017b51dc32cef13f1ef45c94676 libXfont-1.2.2-1.0.5.el5_10.i386.rpm

CentOS Errata and Security Advisory 2014:0018 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0018.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: e197f6ba7f88663d651ff7fece36f0ab4439063d7267738c9bbdc86d0c39ae5e libXfont-1.4.5-3.el6_5.i686.rpm