USN-3063-1: Fontconfig vulnerability
17 August 2016
Fontconfig be made to crash or run programs if it opened a specially crafted file.
- fontconfig - generic font configuration library
Tobias Stoeckmann discovered that Fontconfig incorrectly handled cache
files. A local attacker could possibly use this issue with a specially
crafted cache file to elevate privileges.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart your session to make
all the necessary changes.