Security Advisory Important: pango security update

Advisory: RHSA-2009:0476-1
Type: Security Advisory
Severity: Important
Issued on: 2009-05-08
Last updated on: 2009-05-08
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux EUS (v. 5.3.z server)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20090476.xml
CVEs (cve.mitre.org): CVE-2009-1194

Details

Updated pango and evolution28-pango packages that fix an integer overflow
flaw are now available for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Pango is a library used for the layout and rendering of internationalized
text.

Will Drewry discovered an integer overflow flaw in Pango's
pango_glyph_string_set_size() function. If an attacker is able to pass an
arbitrarily long string to Pango, it may be possible to execute arbitrary
code with the permissions of the application calling Pango. (CVE-2009-1194)

pango and evolution28-pango users are advised to upgrade to these updated
packages, which contain a backported patch to resolve this issue. After
installing this update, you must restart your system or restart the X
server for the update to take effect. Note: Restarting the X server closes
all open applications and logs you out of your session.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)
SRPMS:
pango-1.14.9-5.el5_3.src.rpm
File outdated by:  RHBA-2009:1395		     cc2c64af56b9c3c701242b375ee6c496
 
IA-32:
pango-devel-1.14.9-5.el5_3.i386.rpm
File outdated by:  RHBA-2009:1395		     bd6142551410c49f3466cd36fcd36303
 
x86_64:
pango-devel-1.14.9-5.el5_3.i386.rpm
File outdated by:  RHBA-2009:1395		     bd6142551410c49f3466cd36fcd36303
pango-devel-1.14.9-5.el5_3.x86_64.rpm
File outdated by:  RHBA-2009:1395		     a1e4ad1afdaa0d1372b059b78fcf5d91
 
Red Hat Desktop (v. 3)
SRPMS:
pango-1.2.5-8.src.rpm     a3f67df91d7b4a7018edfe8f5763ee32
 
IA-32:
pango-1.2.5-8.i386.rpm     b28a3b3bf82f9edb3f3e75d12ed524ac
pango-devel-1.2.5-8.i386.rpm     6679375b832a05498e34687fd69a7e04
 
x86_64:
pango-1.2.5-8.i386.rpm     b28a3b3bf82f9edb3f3e75d12ed524ac
pango-1.2.5-8.x86_64.rpm     d85e5de7c764526427888685e083a332
pango-devel-1.2.5-8.x86_64.rpm     56394f39d282c54c1446fb5502829cfb
 
Red Hat Desktop (v. 4)
SRPMS:
evolution28-pango-1.14.9-11.el4_7.src.rpm     53cfde1f92c819f4a1480744417edc12
pango-1.6.0-14.4_7.src.rpm     8a301ce0dacf29b7271a232022fe1bc9
 
IA-32:
evolution28-pango-1.14.9-11.el4_7.i386.rpm     3400bb7617c861b089ab5fcb22ebacd5
evolution28-pango-devel-1.14.9-11.el4_7.i386.rpm     513bbea00ad36918c03e9ce38b4dc316
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-devel-1.6.0-14.4_7.i386.rpm     93af83a66285033cb621d15bce9c753a
 
x86_64:
evolution28-pango-1.14.9-11.el4_7.x86_64.rpm     b5e78b0d4ecad1d35e7f40509923f2fe
evolution28-pango-devel-1.14.9-11.el4_7.x86_64.rpm     c3de615e402f99262426620ba43d831c
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-1.6.0-14.4_7.x86_64.rpm     dd046b86457cc64f31e96b89ef7f13f2
pango-devel-1.6.0-14.4_7.x86_64.rpm     f98924eae46b5494c0882a02d612c969
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
pango-1.14.9-5.el5_3.src.rpm
File outdated by:  RHBA-2009:1395		     cc2c64af56b9c3c701242b375ee6c496
 
IA-32:
pango-1.14.9-5.el5_3.i386.rpm
File outdated by:  RHBA-2009:1395		     ef39027d8e3ea2c7a0adc64d5f99d129
pango-devel-1.14.9-5.el5_3.i386.rpm
File outdated by:  RHBA-2009:1395		     bd6142551410c49f3466cd36fcd36303
 
IA-64:
pango-1.14.9-5.el5_3.i386.rpm
File outdated by:  RHBA-2009:1395		     ef39027d8e3ea2c7a0adc64d5f99d129
pango-1.14.9-5.el5_3.ia64.rpm
File outdated by:  RHBA-2009:1395		     07ac2e2e91ba26fe46b190813457f200
pango-devel-1.14.9-5.el5_3.ia64.rpm
File outdated by:  RHBA-2009:1395		     87f535d633573cc78931524e203eecff
 
PPC:
pango-1.14.9-5.el5_3.ppc.rpm
File outdated by:  RHBA-2009:1395		     2ec712882c60a69082f7ffbdf610cd7a
pango-1.14.9-5.el5_3.ppc64.rpm
File outdated by:  RHBA-2009:1395		     2b3bfb585e6091416aca544f4e67a36e
pango-devel-1.14.9-5.el5_3.ppc.rpm
File outdated by:  RHBA-2009:1395		     274dc5871d645b068a50767d30fed374
pango-devel-1.14.9-5.el5_3.ppc64.rpm
File outdated by:  RHBA-2009:1395		     c8b408667d4ab462436e7898571a8325
 
s390x:
pango-1.14.9-5.el5_3.s390.rpm
File outdated by:  RHBA-2009:1395		     42818decdd5ced9534b855786eb778e3
pango-1.14.9-5.el5_3.s390x.rpm
File outdated by:  RHBA-2009:1395		     9f5c20f3665a65e4563bc27bdc6b71ea
pango-devel-1.14.9-5.el5_3.s390.rpm
File outdated by:  RHBA-2009:1395		     42847cf2d411d7f74c71092fd77680ca
pango-devel-1.14.9-5.el5_3.s390x.rpm
File outdated by:  RHBA-2009:1395		     e281b52a4ced5377746c1af755803cdc
 
x86_64:
pango-1.14.9-5.el5_3.i386.rpm
File outdated by:  RHBA-2009:1395		     ef39027d8e3ea2c7a0adc64d5f99d129
pango-1.14.9-5.el5_3.x86_64.rpm
File outdated by:  RHBA-2009:1395		     54068ed358b0dfa02ff16cf4a9ec5a62
pango-devel-1.14.9-5.el5_3.i386.rpm
File outdated by:  RHBA-2009:1395		     bd6142551410c49f3466cd36fcd36303
pango-devel-1.14.9-5.el5_3.x86_64.rpm
File outdated by:  RHBA-2009:1395		     a1e4ad1afdaa0d1372b059b78fcf5d91
 
Red Hat Enterprise Linux AS (v. 3)
SRPMS:
pango-1.2.5-8.src.rpm     a3f67df91d7b4a7018edfe8f5763ee32
 
IA-32:
pango-1.2.5-8.i386.rpm     b28a3b3bf82f9edb3f3e75d12ed524ac
pango-devel-1.2.5-8.i386.rpm     6679375b832a05498e34687fd69a7e04
 
IA-64:
pango-1.2.5-8.i386.rpm     b28a3b3bf82f9edb3f3e75d12ed524ac
pango-1.2.5-8.ia64.rpm     a684bb7209bcdbef24fcf216960bf806
pango-devel-1.2.5-8.ia64.rpm     df997478052acb50feedcd510b99b6f6
 
PPC:
pango-1.2.5-8.ppc.rpm     5460c5adae7aa70bcad69f66a85ad582
pango-1.2.5-8.ppc64.rpm     b3ac172eb9de4ed37ee1edc01d287125
pango-devel-1.2.5-8.ppc.rpm     0bd0f8a5b3bcdf72e6d7911ac96c38dc
 
s390:
pango-1.2.5-8.s390.rpm     0ebc71febe77d5011c45eeedee4e7a76
pango-devel-1.2.5-8.s390.rpm     caf5059810ab6cb720389cf69ce4be41
 
s390x:
pango-1.2.5-8.s390.rpm     0ebc71febe77d5011c45eeedee4e7a76
pango-1.2.5-8.s390x.rpm     c078c058f1d58b84c89c7a79783df6ce
pango-devel-1.2.5-8.s390x.rpm     614edb5cf7f18bd777a58091a6478d11
 
x86_64:
pango-1.2.5-8.i386.rpm     b28a3b3bf82f9edb3f3e75d12ed524ac
pango-1.2.5-8.x86_64.rpm     d85e5de7c764526427888685e083a332
pango-devel-1.2.5-8.x86_64.rpm     56394f39d282c54c1446fb5502829cfb
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
evolution28-pango-1.14.9-11.el4_7.src.rpm     53cfde1f92c819f4a1480744417edc12
pango-1.6.0-14.4_7.src.rpm     8a301ce0dacf29b7271a232022fe1bc9
 
IA-32:
evolution28-pango-1.14.9-11.el4_7.i386.rpm     3400bb7617c861b089ab5fcb22ebacd5
evolution28-pango-devel-1.14.9-11.el4_7.i386.rpm     513bbea00ad36918c03e9ce38b4dc316
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-devel-1.6.0-14.4_7.i386.rpm     93af83a66285033cb621d15bce9c753a
 
IA-64:
evolution28-pango-1.14.9-11.el4_7.ia64.rpm     73bd359c1f99b3804d806dbf5ed02a32
evolution28-pango-devel-1.14.9-11.el4_7.ia64.rpm     8f50848a9fe6192995c8e6cee86a2e29
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-1.6.0-14.4_7.ia64.rpm     459df7437c5639151cf42dd52f8de396
pango-devel-1.6.0-14.4_7.ia64.rpm     aaf6034fe3040cb722a3a5ee4ba0471a
 
PPC:
evolution28-pango-1.14.9-11.el4_7.ppc.rpm     4a34f73c531a4b3d047697fe23811ac5
evolution28-pango-devel-1.14.9-11.el4_7.ppc.rpm     12b21b9c49dda33a80d5cab47e14269a
pango-1.6.0-14.4_7.ppc.rpm     16404ced8c3a8418fead2cce64752a12
pango-1.6.0-14.4_7.ppc64.rpm     6afaa60448763ce754a4570d84259624
pango-devel-1.6.0-14.4_7.ppc.rpm     49c3e012d1eb6bb0fb748977861178a4
 
s390:
evolution28-pango-1.14.9-11.el4_7.s390.rpm     d027833aeeaf9395b4a49a06fe6fde8c
evolution28-pango-devel-1.14.9-11.el4_7.s390.rpm     ea0d59cb4b18e3e7cd07ef37312f137c
pango-1.6.0-14.4_7.s390.rpm     1a8d4999f7d038e08739588235ca158f
pango-devel-1.6.0-14.4_7.s390.rpm     ebc5568ef8d28c5555c1c39e19c31f1f
 
s390x:
evolution28-pango-1.14.9-11.el4_7.s390x.rpm     2488d57a4070e041399c44354f981f91
evolution28-pango-devel-1.14.9-11.el4_7.s390x.rpm     2d79e01704af47c8a6ef32494561cd7b
pango-1.6.0-14.4_7.s390.rpm     1a8d4999f7d038e08739588235ca158f
pango-1.6.0-14.4_7.s390x.rpm     efe896d06480d8681e92a6f2ced146ad
pango-devel-1.6.0-14.4_7.s390x.rpm     8e8871ba528d8b97eb2c12e1b02ad7d4
 
x86_64:
evolution28-pango-1.14.9-11.el4_7.x86_64.rpm     b5e78b0d4ecad1d35e7f40509923f2fe
evolution28-pango-devel-1.14.9-11.el4_7.x86_64.rpm     c3de615e402f99262426620ba43d831c
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-1.6.0-14.4_7.x86_64.rpm     dd046b86457cc64f31e96b89ef7f13f2
pango-devel-1.6.0-14.4_7.x86_64.rpm     f98924eae46b5494c0882a02d612c969
 
Red Hat Enterprise Linux AS (v. 4.7.z)
SRPMS:
evolution28-pango-1.14.9-11.el4_7.src.rpm     53cfde1f92c819f4a1480744417edc12
pango-1.6.0-14.4_7.src.rpm     8a301ce0dacf29b7271a232022fe1bc9
 
IA-32:
evolution28-pango-1.14.9-11.el4_7.i386.rpm     3400bb7617c861b089ab5fcb22ebacd5
evolution28-pango-devel-1.14.9-11.el4_7.i386.rpm     513bbea00ad36918c03e9ce38b4dc316
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-devel-1.6.0-14.4_7.i386.rpm     93af83a66285033cb621d15bce9c753a
 
IA-64:
evolution28-pango-1.14.9-11.el4_7.ia64.rpm     73bd359c1f99b3804d806dbf5ed02a32
evolution28-pango-devel-1.14.9-11.el4_7.ia64.rpm     8f50848a9fe6192995c8e6cee86a2e29
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-1.6.0-14.4_7.ia64.rpm     459df7437c5639151cf42dd52f8de396
pango-devel-1.6.0-14.4_7.ia64.rpm     aaf6034fe3040cb722a3a5ee4ba0471a
 
PPC:
evolution28-pango-1.14.9-11.el4_7.ppc.rpm     4a34f73c531a4b3d047697fe23811ac5
evolution28-pango-devel-1.14.9-11.el4_7.ppc.rpm     12b21b9c49dda33a80d5cab47e14269a
pango-1.6.0-14.4_7.ppc.rpm     16404ced8c3a8418fead2cce64752a12
pango-1.6.0-14.4_7.ppc64.rpm     6afaa60448763ce754a4570d84259624
pango-devel-1.6.0-14.4_7.ppc.rpm     49c3e012d1eb6bb0fb748977861178a4
 
s390:
evolution28-pango-1.14.9-11.el4_7.s390.rpm     d027833aeeaf9395b4a49a06fe6fde8c
evolution28-pango-devel-1.14.9-11.el4_7.s390.rpm     ea0d59cb4b18e3e7cd07ef37312f137c
pango-1.6.0-14.4_7.s390.rpm     1a8d4999f7d038e08739588235ca158f
pango-devel-1.6.0-14.4_7.s390.rpm     ebc5568ef8d28c5555c1c39e19c31f1f
 
s390x:
evolution28-pango-1.14.9-11.el4_7.s390x.rpm     2488d57a4070e041399c44354f981f91
evolution28-pango-devel-1.14.9-11.el4_7.s390x.rpm     2d79e01704af47c8a6ef32494561cd7b
pango-1.6.0-14.4_7.s390.rpm     1a8d4999f7d038e08739588235ca158f
pango-1.6.0-14.4_7.s390x.rpm     efe896d06480d8681e92a6f2ced146ad
pango-devel-1.6.0-14.4_7.s390x.rpm     8e8871ba528d8b97eb2c12e1b02ad7d4
 
x86_64:
evolution28-pango-1.14.9-11.el4_7.x86_64.rpm     b5e78b0d4ecad1d35e7f40509923f2fe
evolution28-pango-devel-1.14.9-11.el4_7.x86_64.rpm     c3de615e402f99262426620ba43d831c
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-1.6.0-14.4_7.x86_64.rpm     dd046b86457cc64f31e96b89ef7f13f2
pango-devel-1.6.0-14.4_7.x86_64.rpm     f98924eae46b5494c0882a02d612c969
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
pango-1.14.9-5.el5_3.src.rpm
File outdated by:  RHBA-2009:1395		     cc2c64af56b9c3c701242b375ee6c496
 
IA-32:
pango-1.14.9-5.el5_3.i386.rpm
File outdated by:  RHBA-2009:1395		     ef39027d8e3ea2c7a0adc64d5f99d129
 
x86_64:
pango-1.14.9-5.el5_3.i386.rpm
File outdated by:  RHBA-2009:1395		     ef39027d8e3ea2c7a0adc64d5f99d129
pango-1.14.9-5.el5_3.x86_64.rpm
File outdated by:  RHBA-2009:1395		     54068ed358b0dfa02ff16cf4a9ec5a62
 
Red Hat Enterprise Linux ES (v. 3)
SRPMS:
pango-1.2.5-8.src.rpm     a3f67df91d7b4a7018edfe8f5763ee32
 
IA-32:
pango-1.2.5-8.i386.rpm     b28a3b3bf82f9edb3f3e75d12ed524ac
pango-devel-1.2.5-8.i386.rpm     6679375b832a05498e34687fd69a7e04
 
IA-64:
pango-1.2.5-8.i386.rpm     b28a3b3bf82f9edb3f3e75d12ed524ac
pango-1.2.5-8.ia64.rpm     a684bb7209bcdbef24fcf216960bf806
pango-devel-1.2.5-8.ia64.rpm     df997478052acb50feedcd510b99b6f6
 
x86_64:
pango-1.2.5-8.i386.rpm     b28a3b3bf82f9edb3f3e75d12ed524ac
pango-1.2.5-8.x86_64.rpm     d85e5de7c764526427888685e083a332
pango-devel-1.2.5-8.x86_64.rpm     56394f39d282c54c1446fb5502829cfb
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
evolution28-pango-1.14.9-11.el4_7.src.rpm     53cfde1f92c819f4a1480744417edc12
pango-1.6.0-14.4_7.src.rpm     8a301ce0dacf29b7271a232022fe1bc9
 
IA-32:
evolution28-pango-1.14.9-11.el4_7.i386.rpm     3400bb7617c861b089ab5fcb22ebacd5
evolution28-pango-devel-1.14.9-11.el4_7.i386.rpm     513bbea00ad36918c03e9ce38b4dc316
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-devel-1.6.0-14.4_7.i386.rpm     93af83a66285033cb621d15bce9c753a
 
IA-64:
evolution28-pango-1.14.9-11.el4_7.ia64.rpm     73bd359c1f99b3804d806dbf5ed02a32
evolution28-pango-devel-1.14.9-11.el4_7.ia64.rpm     8f50848a9fe6192995c8e6cee86a2e29
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-1.6.0-14.4_7.ia64.rpm     459df7437c5639151cf42dd52f8de396
pango-devel-1.6.0-14.4_7.ia64.rpm     aaf6034fe3040cb722a3a5ee4ba0471a
 
x86_64:
evolution28-pango-1.14.9-11.el4_7.x86_64.rpm     b5e78b0d4ecad1d35e7f40509923f2fe
evolution28-pango-devel-1.14.9-11.el4_7.x86_64.rpm     c3de615e402f99262426620ba43d831c
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-1.6.0-14.4_7.x86_64.rpm     dd046b86457cc64f31e96b89ef7f13f2
pango-devel-1.6.0-14.4_7.x86_64.rpm     f98924eae46b5494c0882a02d612c969
 
Red Hat Enterprise Linux ES (v. 4.7.z)
SRPMS:
evolution28-pango-1.14.9-11.el4_7.src.rpm     53cfde1f92c819f4a1480744417edc12
pango-1.6.0-14.4_7.src.rpm     8a301ce0dacf29b7271a232022fe1bc9
 
IA-32:
evolution28-pango-1.14.9-11.el4_7.i386.rpm     3400bb7617c861b089ab5fcb22ebacd5
evolution28-pango-devel-1.14.9-11.el4_7.i386.rpm     513bbea00ad36918c03e9ce38b4dc316
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-devel-1.6.0-14.4_7.i386.rpm     93af83a66285033cb621d15bce9c753a
 
IA-64:
evolution28-pango-1.14.9-11.el4_7.ia64.rpm     73bd359c1f99b3804d806dbf5ed02a32
evolution28-pango-devel-1.14.9-11.el4_7.ia64.rpm     8f50848a9fe6192995c8e6cee86a2e29
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-1.6.0-14.4_7.ia64.rpm     459df7437c5639151cf42dd52f8de396
pango-devel-1.6.0-14.4_7.ia64.rpm     aaf6034fe3040cb722a3a5ee4ba0471a
 
x86_64:
evolution28-pango-1.14.9-11.el4_7.x86_64.rpm     b5e78b0d4ecad1d35e7f40509923f2fe
evolution28-pango-devel-1.14.9-11.el4_7.x86_64.rpm     c3de615e402f99262426620ba43d831c
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-1.6.0-14.4_7.x86_64.rpm     dd046b86457cc64f31e96b89ef7f13f2
pango-devel-1.6.0-14.4_7.x86_64.rpm     f98924eae46b5494c0882a02d612c969
 
Red Hat Enterprise Linux EUS (v. 5.3.z server)
SRPMS:
pango-1.14.9-5.el5_3.src.rpm
File outdated by:  RHBA-2009:1395		     cc2c64af56b9c3c701242b375ee6c496
 
IA-32:
pango-1.14.9-5.el5_3.i386.rpm     ef39027d8e3ea2c7a0adc64d5f99d129
pango-devel-1.14.9-5.el5_3.i386.rpm     bd6142551410c49f3466cd36fcd36303
 
IA-64:
pango-1.14.9-5.el5_3.i386.rpm     ef39027d8e3ea2c7a0adc64d5f99d129
pango-1.14.9-5.el5_3.ia64.rpm     07ac2e2e91ba26fe46b190813457f200
pango-devel-1.14.9-5.el5_3.ia64.rpm     87f535d633573cc78931524e203eecff
 
PPC:
pango-1.14.9-5.el5_3.ppc.rpm     2ec712882c60a69082f7ffbdf610cd7a
pango-1.14.9-5.el5_3.ppc64.rpm     2b3bfb585e6091416aca544f4e67a36e
pango-devel-1.14.9-5.el5_3.ppc.rpm     274dc5871d645b068a50767d30fed374
pango-devel-1.14.9-5.el5_3.ppc64.rpm     c8b408667d4ab462436e7898571a8325
 
s390x:
pango-1.14.9-5.el5_3.s390.rpm     42818decdd5ced9534b855786eb778e3
pango-1.14.9-5.el5_3.s390x.rpm     9f5c20f3665a65e4563bc27bdc6b71ea
pango-devel-1.14.9-5.el5_3.s390.rpm     42847cf2d411d7f74c71092fd77680ca
pango-devel-1.14.9-5.el5_3.s390x.rpm     e281b52a4ced5377746c1af755803cdc
 
x86_64:
pango-1.14.9-5.el5_3.i386.rpm     ef39027d8e3ea2c7a0adc64d5f99d129
pango-1.14.9-5.el5_3.x86_64.rpm     54068ed358b0dfa02ff16cf4a9ec5a62
pango-devel-1.14.9-5.el5_3.i386.rpm     bd6142551410c49f3466cd36fcd36303
pango-devel-1.14.9-5.el5_3.x86_64.rpm     a1e4ad1afdaa0d1372b059b78fcf5d91
 
Red Hat Enterprise Linux WS (v. 3)
SRPMS:
pango-1.2.5-8.src.rpm     a3f67df91d7b4a7018edfe8f5763ee32
 
IA-32:
pango-1.2.5-8.i386.rpm     b28a3b3bf82f9edb3f3e75d12ed524ac
pango-devel-1.2.5-8.i386.rpm     6679375b832a05498e34687fd69a7e04
 
IA-64:
pango-1.2.5-8.i386.rpm     b28a3b3bf82f9edb3f3e75d12ed524ac
pango-1.2.5-8.ia64.rpm     a684bb7209bcdbef24fcf216960bf806
pango-devel-1.2.5-8.ia64.rpm     df997478052acb50feedcd510b99b6f6
 
x86_64:
pango-1.2.5-8.i386.rpm     b28a3b3bf82f9edb3f3e75d12ed524ac
pango-1.2.5-8.x86_64.rpm     d85e5de7c764526427888685e083a332
pango-devel-1.2.5-8.x86_64.rpm     56394f39d282c54c1446fb5502829cfb
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
evolution28-pango-1.14.9-11.el4_7.src.rpm     53cfde1f92c819f4a1480744417edc12
pango-1.6.0-14.4_7.src.rpm     8a301ce0dacf29b7271a232022fe1bc9
 
IA-32:
evolution28-pango-1.14.9-11.el4_7.i386.rpm     3400bb7617c861b089ab5fcb22ebacd5
evolution28-pango-devel-1.14.9-11.el4_7.i386.rpm     513bbea00ad36918c03e9ce38b4dc316
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-devel-1.6.0-14.4_7.i386.rpm     93af83a66285033cb621d15bce9c753a
 
IA-64:
evolution28-pango-1.14.9-11.el4_7.ia64.rpm     73bd359c1f99b3804d806dbf5ed02a32
evolution28-pango-devel-1.14.9-11.el4_7.ia64.rpm     8f50848a9fe6192995c8e6cee86a2e29
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-1.6.0-14.4_7.ia64.rpm     459df7437c5639151cf42dd52f8de396
pango-devel-1.6.0-14.4_7.ia64.rpm     aaf6034fe3040cb722a3a5ee4ba0471a
 
x86_64:
evolution28-pango-1.14.9-11.el4_7.x86_64.rpm     b5e78b0d4ecad1d35e7f40509923f2fe
evolution28-pango-devel-1.14.9-11.el4_7.x86_64.rpm     c3de615e402f99262426620ba43d831c
pango-1.6.0-14.4_7.i386.rpm     4e9f8feb37a82f8dddd5b8526c9bbfc0
pango-1.6.0-14.4_7.x86_64.rpm     dd046b86457cc64f31e96b89ef7f13f2
pango-devel-1.6.0-14.4_7.x86_64.rpm     f98924eae46b5494c0882a02d612c969
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

496887 - CVE-2009-1194 pango: pango_glyph_string_set_size integer overflow


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194
http://www.redhat.com/security/updates/classification/#important

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/