libxfont was updated to fix multiple vulnerabilities:
- Integer overflow of allocations in font metadata file parsing (CVE-2014-0209).
- Unvalidated length fields when parsing xfs protocol replies (CVE-2014-0210).
- Integer overflows calculating memory needs for xfs replies (CVE-2014-0211).

These vulnerabilities could be used by a local, authenticated user to raise privileges
or by a remote attacker with control of the font server to execute code with the
privileges of the X server.