LWN.net Logo

X.Org: many, many vulnerabilities

Package(s):X.Org CVE #(s):CVE-2013-1981 CVE-2013-1982 CVE-2013-1983 CVE-2013-1984 CVE-2013-1985 CVE-2013-2062 CVE-2013-1986 CVE-2013-1987 CVE-2013-1988 CVE-2013-2063 CVE-2013-1989 CVE-2013-1990 CVE-2013-1991 CVE-2013-1992 CVE-2013-2064 CVE-2013-1993 CVE-2013-1994 CVE-2013-1995 CVE-2013-1996 CVE-2013-1997 CVE-2013-1998 CVE-2013-2066 CVE-2013-1999 CVE-2013-2000 CVE-2013-2001 CVE-2013-2002 CVE-2013-1981 CVE-2013-2003 CVE-2013-2004 CVE-2013-2005
Created:May 23, 2013 Updated:July 18, 2013
Description: X.Org has disclosed a long list of vulnerabilities that have been fixed in the X Window System client libraries; most of them expose clients to attacks by a hostile server. "Most of the time X clients & servers are run by the same user, with the server more privileged from the clients, so this is not a problem, but there are scenarios in which a privileged client can be connected to an unprivileged server, for instance, connecting a setuid X client (such as a screen lock program) to a virtual X server (such as Xvfb or Xephyr) which the user has modified to return invalid data, potentially allowing the user to escalate their privileges." See the advisory for details.
Alerts:
Debian DSA-2673-1 2013-05-23
Debian DSA-2675-1 2013-05-23
Debian DSA-2674-1 2013-05-23
Debian DSA-2676-1 2013-05-23
Debian DSA-2677-1 2013-05-23
Debian DSA-2678-1 2013-05-23
Debian DSA-2679-1 2013-05-23
Debian DSA-2680-1 2013-05-23
Debian DSA-2681-1 2013-05-23
Debian DSA-2682-1 2013-05-23
Debian DSA-2683-1 2013-05-23
Debian DSA-2684-1 2013-05-23
Debian DSA-2685-1 2013-05-23
Debian DSA-2686-1 2013-05-23
Debian DSA-2687-1 2013-05-23
Debian DSA-2688-1 2013-05-23
Debian DSA-2689-1 2013-05-23
Debian DSA-2690-1 2013-05-23
Debian DSA-2691-1 2013-05-23
Debian DSA-2692-1 2013-05-23
Debian DSA-2675-2 2013-05-24
Debian DSA-2693-1 2013-05-24
Fedora FEDORA-2013-9151 2013-05-28
Fedora FEDORA-2013-9114 2013-06-02
Fedora FEDORA-2013-9138 2013-06-02
Fedora FEDORA-2013-9162 2013-06-03
Fedora FEDORA-2013-9107 2013-06-03
Fedora FEDORA-2013-9166 2013-06-03
Fedora FEDORA-2013-9141 2013-06-03
Fedora FEDORA-2013-9108 2013-06-03
Fedora FEDORA-2013-9117 2013-06-03
Fedora FEDORA-2013-9120 2013-06-03
Fedora FEDORA-2013-9137 2013-06-03
Fedora FEDORA-2013-9135 2013-06-03
Fedora FEDORA-2013-9115 2013-06-03
Fedora FEDORA-2013-9140 2013-06-03
Red Hat RHSA-2013:0897-01 2013-06-03
Red Hat RHSA-2013:0898-01 2013-06-03
Scientific Linux SL-mesa-20130603 2013-06-03
Scientific Linux SL-mesa-20130603 2013-06-03
CentOS CESA-2013:0897 2013-06-03
CentOS CESA-2013:0898 2013-06-03
Oracle ELSA-2013-0897 2013-06-03
Oracle ELSA-2013-0898 2013-06-03
Fedora FEDORA-2013-9156 2013-06-06
Fedora FEDORA-2013-9147 2013-06-06
Fedora FEDORA-2013-9146 2013-06-06
Fedora FEDORA-2013-9155 2013-06-06
Fedora FEDORA-2013-9188 2013-06-06
Fedora FEDORA-2013-9177 2013-06-06
openSUSE openSUSE-SU-2013:0865-1 2013-06-06
Ubuntu USN-1852-1 2013-06-05
Ubuntu USN-1853-1 2013-06-05
Ubuntu USN-1854-1 2013-06-05
Ubuntu USN-1855-1 2013-06-05
Ubuntu USN-1856-1 2013-06-05
Ubuntu USN-1857-1 2013-06-05
Ubuntu USN-1858-1 2013-06-05
Ubuntu USN-1860-1 2013-06-05
Ubuntu USN-1861-1 2013-06-05
Ubuntu USN-1862-1 2013-06-05
Ubuntu USN-1863-1 2013-06-05
Ubuntu USN-1864-1 2013-06-05
Ubuntu USN-1865-1 2013-06-05
Ubuntu USN-1866-1 2013-06-05
Ubuntu USN-1867-1 2013-06-05
Ubuntu USN-1868-1 2013-06-05
Ubuntu USN-1869-1 2013-06-05
Ubuntu USN-1870-1 2013-06-05
Ubuntu USN-1859-1 2013-06-05
Ubuntu USN-1871-1 2013-06-10
openSUSE openSUSE-SU-2013:1007-1 2013-06-14
openSUSE openSUSE-SU-2013:1009-1 2013-06-14
openSUSE openSUSE-SU-2013:1014-1 2013-06-14
openSUSE openSUSE-SU-2013:1008-1 2013-06-14
openSUSE openSUSE-SU-2013:1010-1 2013-06-14
openSUSE openSUSE-SU-2013:1025-1 2013-06-17
openSUSE openSUSE-SU-2013:1026-1 2013-06-17
openSUSE openSUSE-SU-2013:1027-1 2013-06-17
openSUSE openSUSE-SU-2013:1028-1 2013-06-17
openSUSE openSUSE-SU-2013:1029-1 2013-06-17
openSUSE openSUSE-SU-2013:1030-1 2013-06-17
openSUSE openSUSE-SU-2013:1031-1 2013-06-17
openSUSE openSUSE-SU-2013:1032-1 2013-06-17
openSUSE openSUSE-SU-2013:1033-1 2013-06-17
openSUSE openSUSE-SU-2013:1034-1 2013-06-17
openSUSE openSUSE-SU-2013:1041-1 2013-06-19
openSUSE openSUSE-SU-2013:1046-1 2013-06-19
openSUSE openSUSE-SU-2013:1047-1 2013-06-19
openSUSE openSUSE-SU-2013:1011-1 2013-06-14
Ubuntu USN-1888-1 2013-06-20
Mageia MGASA-2013-0186 2013-06-26
Mageia MGASA-2013-0190 2013-06-26
Mandriva MDVSA-2013:182 2013-06-27
Mandriva MDVSA-2013:181 2013-06-27
Fedora FEDORA-2013-11734 2013-07-08
Fedora FEDORA-2013-12083 2013-07-11
Fedora FEDORA-2013-12593 2013-07-18

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds