Univention Bugzilla – Full Text Bug Listing

Summary: | xorg-server: Multiple issues (4.2) | | |
---|---|---|---|
Product: | UCS | Reporter: | Arvid Requate <requate> |
Component: | Security updates | Assignee: | Philipp Hahn <hahn> |
Status: | CLOSED FIXED | QA Contact: | Arvid Requate <requate> |
Severity: | normal | | |
Priority: | P5 | Flags: | requate: Patch_Available+ |
Version: | UCS 4.2 | | |
Target Milestone: | UCS 4.2-3-errata | | |
Hardware: | Other | | |
OS: | Linux | | |
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | | Enterprise Customer affected?: | |
School Customer affected?: | | ISV affected?: | |
Waiting Support: | | Flags outvoted (downgraded) after PO Review: | |
Ticket number: | | Bug group (optional): | |
Max CVSS v3 score: | 7 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) | | |
Bug Depends on: | | | |
Bug Blocks: | 37755 | | |
Description
Arvid Requate
2017-07-11 16:33:47 CEST
Upstream Debian package version 2:1.16.4-1+deb8u2 fixes:

* Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176)
* dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo (CVE-2017-12177)
* Xi: fix wrong extra length check in ProcXIChangeHierarchy (CVE-2017-12178)
* Xi: integer overflow and unvalidated length in (S)ProcXIBarrierReleasePointer (CVE-2017-12179)
* hw/xfree86: unvalidated lengths (CVE-2017-12180)
* hw/xfree86: unvalidated lengths (CVE-2017-12181)
* hw/xfree86: unvalidated lengths (CVE-2017-12182)
* xfixes: unvalidated lengths (CVE-2017-12183)
* Unvalidated lengths (CVE-2017-12184 CVE-2017-12185 CVE-2017-12186 CVE-2017-12187)
* In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session. (CVE-2017-13721)
* In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp. (CVE-2017-13723)

Mass-import from Debian-Security:

python -m univention.repong.^Cbmirror -s jessie -r 4.2-3 --override=$HOME/REPOS/repo-ng/mirror/update_ucs42_mirror_from_debian.yml --errata=doc/errata --sql --process=ALL -vvvv --now=201801211553

YAML: git:bd6159834a..449aa5a7cf

--- mirror/ftp/4.2/unmaintained/4.2-0/source/xorg-server_1.16.4-1.dsc
+++ apt/ucs_4.2-0-errata4.2-3/source/xorg-server_1.16.4-1+deb8u2.dsc
@@ -1,3 +1,33 @@ +2:1.16.4-1+deb8u2 [Sat, 14 Oct 2017 12:35:36 +0200] Julien Cristau <jcristau@debian.org>: + + * render: Fix out of boundary heap access + * Xext/shm: Validate shmseg resource id (CVE-2017-13721) + * xkb: Escape non-printable characters correctly. + * xkb: Handle xkb formated string output safely (CVE-2017-13723) + * os: Make sure big requests have sufficient length. + * Unvalidated lengths in + - XFree86-VidModeExtension (CVE-2017-12180) + - XFree86-DGA (CVE-2017-12181) + - XFree86-DRI (CVE-2017-12182) + - XFIXES (CVE-2017-12183) + - XINERAMA (CVE-2017-12184) + - MIT-SCREEN-SAVER (CVE-2017-12185) + - X-Resource (CVE-2017-12186) + - RENDER (CVE-2017-12187) + * Xi: Test exact size of XIBarrierReleasePointer + * Xi: integer overflow and unvalidated length in + (S)ProcXIBarrierReleasePointer (CVE-2017-12179) + * Xi: Silence some tautological warnings + * Xi: fix wrong extra length check in ProcXIChangeHierarchy (CVE-2017-12178) + * dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo (CVE-2017-12177) + * Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176) + * Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES (CVE-2017-2624) + * Xwayland: enable access control and default to just the local user (CVE-2015-3164) + +2:1.16.4-1+deb8u1 [Thu, 06 Jul 2017 22:34:31 +0200] Moritz Mühlenhoff <jmm@debian.org>: + + * CVE-2017-10971 CVE-2017-10972 + 2:1.16.4-1 [Wed, 11 Feb 2015 01:26:07 +0100] Julien Cristau <jcristau@debian.org>: * New upstream release * No UCS specific patches * Comparison to previously shipped version ok * Binary package update Ok * Advisory adjusted: 95ac67164e | Sort CVEs |
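Review bot: the CVE list in the description is narrower than what this changelog diff records as fixed, so the errata advisory should either name the remaining identifiers or state why they are out of scope. The 2:1.16.4-1+deb8u2 entry also carries `* Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES (CVE-2017-2624)` and `* Xwayland: enable access control and default to just the local user (CVE-2015-3164)`, and because the update moves from 2:1.16.4-1 it additionally brings in the +deb8u1 entry `* CVE-2017-10971 CVE-2017-10972`; none of these four appear in the description above.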