Sponsored link
Serve your customers, not your servers, with VERIO Linux VPS. Full-access test-drive here.
| Weekly edition | Kernel | Security | Distributions | Search |
| Archives | Calendar | Subscribe | Write for LWN | LWN.net FAQ |
Fedora alert FEDORA-2008-0760 (xorg-x11-server)
| From: | updates@fedoraproject.org | |
| To: | fedora-package-announce@redhat.com | |
| Subject: | [SECURITY] Fedora 8 Update: xorg-x11-server-1.3.0.0-39.fc8 | |
| Date: | Tue, 22 Jan 2008 08:32:21 -0700 | |
| Message-ID: | <200801221532.m0MFVLsU030160@bastion.fedora.phx.redhat.com> |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-0760 2008-01-22 05:27:19 -------------------------------------------------------------------------------- Name : xorg-x11-server Product : Fedora 8 Version : 1.3.0.0 Release : 39.fc8 URL : http://www.x.org Summary : X.Org X11 X server Description : X.Org X11 X server -------------------------------------------------------------------------------- Update Information: CVE-2007-5760: XFree86-Misc Extension Invalid Array Index Vulnerability CVE-2007-5958: Xorg / XFree86 file existence disclosure vulnerability CVE-2007-6427: XInput Extension Memory Corruption Vulnerability CVE-2007-6428: TOG-CUP Extension Memory Corruption Vulnerability CVE-2007-6429: EVI and MIT-SHM Extension Integer Overflow Vulnerability CVE-2008-0006: PCF Font Vulnerability - this patch isn't strictly required with new version of libXfont. Contains updated fix for MITSHM from ajax. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2008 Dave Airlie <airlied@redhat.com> 1.3.0.0-39 - cve-2007-6429.patch: Fix patch to not break java apps * Fri Jan 18 2008 Dave Airlie <airlied@redhat.com> 1.3.0.0-38 - cve-2007-5760.patch: XFree86-Misc Extension Invalid Array Index Vulnerability - cve-2007-5958.patch: Xorg / XFree86 file existence disclosure vulnerability - cve-2007-6427.patch: XInput Extension Memory Corruption Vulnerability - cve-2007-6428.patch: TOG-CUP Extension Memory Corruption Vulnerability - cve-2007-6429.patch: EVI and MIT-SHM Extension Integer Overflow Vulnerability - cve-2008-0006-server-fixup.patch: PCF Font Vulnerability - this patch isn't strictly required with new version of libXfont. * Thu Dec 13 2007 Adam Jackson <ajax@redhat.com> 1.3.0.0-37 - xorg-x11-server-Red-Hat-extramodes.patch: Remove the non-CVT-R timings for 1920x1080 and 1920x1200, they don't fit in a single DVI link and are therefore useless. * Fri Nov 30 2007 Dave Airlie <airlied@redhat.com> 1.3.0.0-36 - xserver-1.3.0-update-edid-quirks.patch - updates quirk from master server * Thu Nov 29 2007 Dave Airlie <airlied@redhat.com> 1.3.0.0-35 - xserver-1.3.0-ignore-extra-entity.patch - if a driver doesn't support secondary entities, don't fatal error just ignore and keep going - xserver-1.3.0-randr-fix-set-rotations-xinerama.patch - attempt to stop xinerama segfaulting randr12 * Thu Nov 1 2007 Adam Jackson <ajax@redhat.com> 1.3.0.0-34 - xserver-1.3.0-yet-more-vt-ioctl-hate.patch: You don't even want to know. -------------------------------------------------------------------------------- References: [ 1 ] Bug #429126 - CVE-2007-5958 CVE-2007-6429 CVE-2007-6429_MITSHM CVE-2007-6428 CVE-2007-6427 CVE-2007-5760 Multiple xorg-x11-server vulnerabilities [Fedora 8] https://bugzilla.redhat.com/show_bug.cgi?id=429126 [ 2 ] Bug #391841 - CVE-2007-5958 Xorg / XFree86 file existence disclosure vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=391841 [ 3 ] Bug #413721 - CVE-2007-6429 xorg / xfree86: integer overflow in EVI extension https://bugzilla.redhat.com/show_bug.cgi?id=413721 [ 4 ] Bug #413741 - CVE-2007-6429 xorg / xfree86: integer overflow in MIT-SHM extension https://bugzilla.redhat.com/show_bug.cgi?id=413741 [ 5 ] Bug #413791 - CVE-2007-6428 xorg / xfree86: information disclosure via TOG-CUP extension https://bugzilla.redhat.com/show_bug.cgi?id=413791 [ 6 ] Bug #413811 - CVE-2007-6427 xorg / xfree86: memory corruption via XInput extension https://bugzilla.redhat.com/show_bug.cgi?id=413811 [ 7 ] Bug #414031 - CVE-2007-5760 xorg: invalid array indexing in XFree86-Misc extension https://bugzilla.redhat.com/show_bug.cgi?id=414031 -------------------------------------------------------------------------------- Updated packages: 2ae23ad5b18890ced5849cb1271785805fc12b8c xorg-x11-server-debuginfo-1.3.0.0-39.fc8.ppc64.rpm 7f89d8bf72a5f33a47e705db0e6f95ea017ea4e4 xorg-x11-server-source-1.3.0.0-39.fc8.ppc64.rpm 640df3574260cfa8794137fc5925d24b9a41081b xorg-x11-server-sdk-1.3.0.0-39.fc8.ppc64.rpm 69a51257a29e381e4d0ca8de91e6a9269045bbf5 xorg-x11-server-Xephyr-1.3.0.0-39.fc8.ppc64.rpm 032605ed5edc3f6f21794c5578f126926e1ba6c2 xorg-x11-server-Xvfb-1.3.0.0-39.fc8.ppc64.rpm 1c58780d606552ee8819c2f362dad5d5b9ec7525 xorg-x11-server-Xdmx-1.3.0.0-39.fc8.ppc64.rpm 0e09e73c613dfcb1b7924e9c52bae6c6e8b206e3 xorg-x11-server-Xnest-1.3.0.0-39.fc8.ppc64.rpm f5fe44041fb5333aad05ed06d154279f6cb61a74 xorg-x11-server-Xorg-1.3.0.0-39.fc8.ppc64.rpm 1d9cb03852893e2fef764fa31eadeb3c30f0d64c xorg-x11-server-debuginfo-1.3.0.0-39.fc8.i386.rpm 05fb6e0a1857efa6ec71ba91131004d9138f1b89 xorg-x11-server-source-1.3.0.0-39.fc8.i386.rpm 8ec188f698034571cef302443861584dea7ecda0 xorg-x11-server-sdk-1.3.0.0-39.fc8.i386.rpm 8f56254c892f2d42e2fc2e218f77b97c7001c88e xorg-x11-server-Xephyr-1.3.0.0-39.fc8.i386.rpm c78fd8a597d6ebfa10e699632337e4d9c97fe0fb xorg-x11-server-Xvfb-1.3.0.0-39.fc8.i386.rpm 51d6cd2856319d0ff61bb60dc675583ff5a066ce xorg-x11-server-Xdmx-1.3.0.0-39.fc8.i386.rpm ff263c0321b2292e0955547bb843937e29a3f945 xorg-x11-server-Xnest-1.3.0.0-39.fc8.i386.rpm 6e33d9def70f8dad2bb90410af42770d85e32061 xorg-x11-server-Xorg-1.3.0.0-39.fc8.i386.rpm 57ea21be7a52de46b3d1b3739d60db82c317ac5b xorg-x11-server-Xvfb-1.3.0.0-39.fc8.x86_64.rpm 25032e831096c9bed9fcf88dde0d006ac3a4acb5 xorg-x11-server-Xnest-1.3.0.0-39.fc8.x86_64.rpm cefc3a0ea1f69fc80f7cc60e3da517ec475a3ad0 xorg-x11-server-debuginfo-1.3.0.0-39.fc8.x86_64.rpm 4a931017170608fe9015b40bbf3d94c726135a5b xorg-x11-server-Xorg-1.3.0.0-39.fc8.x86_64.rpm b845a1ad9b96f2352930ead6504535d4a1374af7 xorg-x11-server-source-1.3.0.0-39.fc8.x86_64.rpm 2d24636a924e72c9d5e4ec246562faea764c7cdf xorg-x11-server-Xdmx-1.3.0.0-39.fc8.x86_64.rpm 34d830c59e6ca133a9ab224f0fdb73a1a164c7f8 xorg-x11-server-sdk-1.3.0.0-39.fc8.x86_64.rpm e338255563d060ef786c894057e5e682e56f4661 xorg-x11-server-Xephyr-1.3.0.0-39.fc8.x86_64.rpm 006c1918a8f152f7e182b3cd2a2b88a311c1ab42 xorg-x11-server-debuginfo-1.3.0.0-39.fc8.ppc.rpm eb9e52c296bfc649468f9836efe965e7a3bbfaef xorg-x11-server-source-1.3.0.0-39.fc8.ppc.rpm 5aedf46ac6d41b77f0b2a1da03cd355215e6e354 xorg-x11-server-sdk-1.3.0.0-39.fc8.ppc.rpm e3c61b92393597c76ea1849b028b769b91c7c93a xorg-x11-server-Xephyr-1.3.0.0-39.fc8.ppc.rpm 2d5c19d937549f38e044e290d5fcbce458058a03 xorg-x11-server-Xvfb-1.3.0.0-39.fc8.ppc.rpm 55081bb5cab63088a1e6cc7d43b031b4b1e1ee0f xorg-x11-server-Xdmx-1.3.0.0-39.fc8.ppc.rpm ef1c093c2fd1435ae44a92bbcbe8ed88fe11df1b xorg-x11-server-Xnest-1.3.0.0-39.fc8.ppc.rpm f7f9e0c881028509352241b4e2d3a849cfbc5b9a xorg-x11-server-Xorg-1.3.0.0-39.fc8.ppc.rpm 51da9519311ee5b83fa9c98b027710a1dcafaadf xorg-x11-server-1.3.0.0-39.fc8.src.rpm This update can be installed with the "yum" update program. Use su -c 'yum update xorg-x11-server' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)