| |||||||||||||||||||
Mageia alert MGASA-2012-0299 (x11-server)
MGASA-2012-0299 Date: October 20th, 2012 Affected releases: 1, 2 Description: This fixes a format string vulnerability in the LogVHdrMessageVerb function in os/log.c when handling input device names in X.Org X11 server (CVE-2012-2118). Mageia is not vulnerable to arbitrary code execution via this vulnerability because of the compiler options that were used to build it, but it can still cause a crash. Updated Packages: Mageia 1: x11-server-1.10.1-1.2.mga1 x11-server-common-1.10.1-1.2.mga1 x11-server-devel-1.10.1-1.2.mga1 x11-server-source-1.10.1-1.2.mga1 x11-server-xdmx-1.10.1-1.2.mga1 x11-server-xephyr-1.10.1-1.2.mga1 x11-server-xfake-1.10.1-1.2.mga1 x11-server-xfbdev-1.10.1-1.2.mga1 x11-server-xnest-1.10.1-1.2.mga1 x11-server-xorg-1.10.1-1.2.mga1 x11-server-xvfb-1.10.1-1.2.mga1 Mageia 2: x11-server-1.11.4-2.1.mga2 x11-server-common-1.11.4-2.1.mga2 x11-server-devel-1.11.4-2.1.mga2 x11-server-source-1.11.4-2.1.mga2 x11-server-xdmx-1.11.4-2.1.mga2 x11-server-xephyr-1.11.4-2.1.mga2 x11-server-xfake-1.11.4-2.1.mga2 x11-server-xfbdev-1.11.4-2.1.mga2 x11-server-xnest-1.11.4-2.1.mga2 x11-server-xorg-1.11.4-2.1.mga2 x11-server-xvfb-1.11.4-2.1.mga2 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2118 http://www.ubuntu.com/usn/usn-1502-1/ https://bugs.mageia.org/show_bug.cgi?id=6744 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-... (Log in to post comments)
|
|||||||||||||||||||