Graphite: Multiple vulnerabilities

Graphite: Multiple vulnerabilities Multiple vulnerabilities have been found in Graphite, the worst of which could lead to the remote execution of arbitrary code. graphite 2017-01-24 2017-01-24: 1 574276 576864 remote 1.3.7 1.3.7

Graphite is a “smart font” system developed specifically to handle the complexities of lesser-known languages of the world.

Multiple vulnerabilities have been discovered in Graphite. Please review the CVE identifiers referenced below for details.

A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or obtain sensitive information.

There is no known workaround at this time.

All Graphite users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=media-gfx/graphite2-1.3.7"

CVE-2016-1521 CVE-2016-1522 CVE-2016-1523 CVE-2016-1526 CVE-2016-1977 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792 CVE-2016-2793 CVE-2016-2794 CVE-2016-2795 CVE-2016-2796 CVE-2016-2797 CVE-2016-2798 CVE-2016-2799 CVE-2016-2800 CVE-2016-2801 CVE-2016-2802 b-man b-man