Test ID:	1.3.6.1.4.1.25623.1.0.122275
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2011-0180)
Summary:	The remote host is missing an update for the 'evolution28-pango, pango' package(s) announced via the ELSA-2011-0180 advisory.
Description:	Summary: The remote host is missing an update for the 'evolution28-pango, pango' package(s) announced via the ELSA-2011-0180 advisory. Vulnerability Insight: [1.28.1-3.el6_0.3] - Fix a division by zero found in testing [1.28.1-3.el6_0.2] - Use -fno-strict-aliasing for C++, too - Escape macros in %changelog [1.28.1-3.el6_0.1] - Prevent heap corruption with malformed fonts. (CVE-2011-0020) - Resolves: #671529 Affected Software/OS: 'evolution28-pango, pango' package(s) on Oracle Linux 4, Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0020 1024994 http://www.securitytracker.com/id?1024994 42934 http://secunia.com/advisories/42934 43100 http://secunia.com/advisories/43100 45842 http://www.securityfocus.com/bid/45842 70596 http://osvdb.org/70596 ADV-2011-0186 http://www.vupen.com/english/advisories/2011/0186 ADV-2011-0238 http://www.vupen.com/english/advisories/2011/0238 RHSA-2011:0180 http://www.redhat.com/support/errata/RHSA-2011-0180.html SUSE-SR:2011:005 http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html [oss-security] 20110118 CVE request: heap corruption in libpango http://openwall.com/lists/oss-security/2011/01/18/6 [oss-security] 20110120 Re: CVE request: heap corruption in libpango http://openwall.com/lists/oss-security/2011/01/20/2 https://bugs.launchpad.net/ubuntu/+source/pango1.0/+bug/696616 https://bugzilla.gnome.org/show_bug.cgi?id=639882 https://bugzilla.redhat.com/show_bug.cgi?id=671122 pango-pango-bo(64832) https://exchange.xforce.ibmcloud.com/vulnerabilities/64832
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.