Opened 6 years ago
Closed 6 years ago
#10087 closed enhancement (fixed)
libXfont2-2.0.3 (xorg library)
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Milestone: | 8.2 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version.
Change History (3)
comment:1 by , 6 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 6 years ago
Note:
See TracTickets
for help on using tickets.
Open files with O_NOFOLLOW. (CVE-2017-16611) A non-privileged X client can instruct X server running under root to open any file by creating own directory with "fonts.dir", "fonts.alias" or any font file being a symbolic link to any other file in the system. X server will then open it. This can be issue with special files such as /dev/watchdog.