USN-2918-1 Pixman vulnerabilities
- Ubuntu 14.04 LTS
Pixman could be made to crash or run programs as your login if it processed specially crafted data.
Vincent LE GARREC discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, a remote attacker could cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code.
Affected VMware Products and Versions
Severity is medium unless otherwise noted.
- All versions of Cloud Foundry rootfs prior to 1.41.0
- All versions of Pivotal Elastic Runtime
Users of affected versions should apply the following mitigation:
- The Cloud Foundry project recommends that Cloud Foundry deployments run with rootfs version 1.41.0 and higher.
- Upgrade Pivotal Elastic Runtime 1.5.x versions to 1.5.18 or later OR 1.6.x versions to 1.6.19 or later
Vincent LE GARREC