[SECURITY] Fedora 8 Update: xorg-x11-server-1.3.0.0-39.fc8

updates at fedoraproject.org updates at fedoraproject.org
Tue Jan 22 15:32:21 UTC 2008


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-0760
2008-01-22 05:27:19
--------------------------------------------------------------------------------

Name        : xorg-x11-server
Product     : Fedora 8
Version     : 1.3.0.0
Release     : 39.fc8
URL         : http://www.x.org
Summary     : X.Org X11 X server
Description :
X.Org X11 X server

--------------------------------------------------------------------------------
Update Information:

CVE-2007-5760: XFree86-Misc Extension Invalid Array Index Vulnerability
CVE-2007-5958: Xorg / XFree86 file existence disclosure vulnerability
CVE-2007-6427: XInput Extension Memory Corruption Vulnerability
CVE-2007-6428: TOG-CUP Extension Memory Corruption Vulnerability
CVE-2007-6429: EVI and MIT-SHM Extension Integer Overflow Vulnerability
CVE-2008-0006: PCF Font Vulnerability - this patch isn't strictly required with new version of libXfont.

Contains updated fix for MITSHM from ajax.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 18 2008 Dave Airlie <airlied at redhat.com> 1.3.0.0-39
- cve-2007-6429.patch: Fix patch to not break java apps
* Fri Jan 18 2008 Dave Airlie <airlied at redhat.com> 1.3.0.0-38
- cve-2007-5760.patch: XFree86-Misc Extension Invalid Array Index Vulnerability
- cve-2007-5958.patch: Xorg / XFree86 file existence disclosure vulnerability
- cve-2007-6427.patch: XInput Extension Memory Corruption Vulnerability
- cve-2007-6428.patch: TOG-CUP Extension Memory Corruption Vulnerability
- cve-2007-6429.patch: EVI and MIT-SHM Extension Integer Overflow Vulnerability
- cve-2008-0006-server-fixup.patch: PCF Font Vulnerability - this patch isn't strictly required with new version of libXfont.
* Thu Dec 13 2007 Adam Jackson <ajax at redhat.com> 1.3.0.0-37
- xorg-x11-server-Red-Hat-extramodes.patch: Remove the non-CVT-R timings
  for 1920x1080 and 1920x1200, they don't fit in a single DVI link and
  are therefore useless.
* Fri Nov 30 2007 Dave Airlie <airlied at redhat.com> 1.3.0.0-36
- xserver-1.3.0-update-edid-quirks.patch - updates quirk from master server
* Thu Nov 29 2007 Dave Airlie <airlied at redhat.com> 1.3.0.0-35
- xserver-1.3.0-ignore-extra-entity.patch - if a driver doesn't support 
  secondary entities, don't fatal error just ignore and keep going
- xserver-1.3.0-randr-fix-set-rotations-xinerama.patch - attempt to stop xinerama segfaulting randr12
* Thu Nov  1 2007 Adam Jackson <ajax at redhat.com> 1.3.0.0-34
- xserver-1.3.0-yet-more-vt-ioctl-hate.patch: You don't even want to know.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #429126 - CVE-2007-5958 CVE-2007-6429 CVE-2007-6429_MITSHM CVE-2007-6428 CVE-2007-6427 CVE-2007-5760 Multiple xorg-x11-server vulnerabilities [Fedora 8]
        https://bugzilla.redhat.com/show_bug.cgi?id=429126
  [ 2 ] Bug #391841 - CVE-2007-5958 Xorg / XFree86 file existence disclosure vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=391841
  [ 3 ] Bug #413721 - CVE-2007-6429 xorg / xfree86: integer overflow in EVI extension
        https://bugzilla.redhat.com/show_bug.cgi?id=413721
  [ 4 ] Bug #413741 - CVE-2007-6429 xorg / xfree86: integer overflow in MIT-SHM extension
        https://bugzilla.redhat.com/show_bug.cgi?id=413741
  [ 5 ] Bug #413791 - CVE-2007-6428 xorg / xfree86: information disclosure via TOG-CUP extension
        https://bugzilla.redhat.com/show_bug.cgi?id=413791
  [ 6 ] Bug #413811 - CVE-2007-6427 xorg / xfree86: memory corruption via XInput extension
        https://bugzilla.redhat.com/show_bug.cgi?id=413811
  [ 7 ] Bug #414031 - CVE-2007-5760 xorg: invalid array indexing in XFree86-Misc extension
        https://bugzilla.redhat.com/show_bug.cgi?id=414031
--------------------------------------------------------------------------------
Updated packages:

2ae23ad5b18890ced5849cb1271785805fc12b8c xorg-x11-server-debuginfo-1.3.0.0-39.fc8.ppc64.rpm
7f89d8bf72a5f33a47e705db0e6f95ea017ea4e4 xorg-x11-server-source-1.3.0.0-39.fc8.ppc64.rpm
640df3574260cfa8794137fc5925d24b9a41081b xorg-x11-server-sdk-1.3.0.0-39.fc8.ppc64.rpm
69a51257a29e381e4d0ca8de91e6a9269045bbf5 xorg-x11-server-Xephyr-1.3.0.0-39.fc8.ppc64.rpm
032605ed5edc3f6f21794c5578f126926e1ba6c2 xorg-x11-server-Xvfb-1.3.0.0-39.fc8.ppc64.rpm
1c58780d606552ee8819c2f362dad5d5b9ec7525 xorg-x11-server-Xdmx-1.3.0.0-39.fc8.ppc64.rpm
0e09e73c613dfcb1b7924e9c52bae6c6e8b206e3 xorg-x11-server-Xnest-1.3.0.0-39.fc8.ppc64.rpm
f5fe44041fb5333aad05ed06d154279f6cb61a74 xorg-x11-server-Xorg-1.3.0.0-39.fc8.ppc64.rpm
1d9cb03852893e2fef764fa31eadeb3c30f0d64c xorg-x11-server-debuginfo-1.3.0.0-39.fc8.i386.rpm
05fb6e0a1857efa6ec71ba91131004d9138f1b89 xorg-x11-server-source-1.3.0.0-39.fc8.i386.rpm
8ec188f698034571cef302443861584dea7ecda0 xorg-x11-server-sdk-1.3.0.0-39.fc8.i386.rpm
8f56254c892f2d42e2fc2e218f77b97c7001c88e xorg-x11-server-Xephyr-1.3.0.0-39.fc8.i386.rpm
c78fd8a597d6ebfa10e699632337e4d9c97fe0fb xorg-x11-server-Xvfb-1.3.0.0-39.fc8.i386.rpm
51d6cd2856319d0ff61bb60dc675583ff5a066ce xorg-x11-server-Xdmx-1.3.0.0-39.fc8.i386.rpm
ff263c0321b2292e0955547bb843937e29a3f945 xorg-x11-server-Xnest-1.3.0.0-39.fc8.i386.rpm
6e33d9def70f8dad2bb90410af42770d85e32061 xorg-x11-server-Xorg-1.3.0.0-39.fc8.i386.rpm
57ea21be7a52de46b3d1b3739d60db82c317ac5b xorg-x11-server-Xvfb-1.3.0.0-39.fc8.x86_64.rpm
25032e831096c9bed9fcf88dde0d006ac3a4acb5 xorg-x11-server-Xnest-1.3.0.0-39.fc8.x86_64.rpm
cefc3a0ea1f69fc80f7cc60e3da517ec475a3ad0 xorg-x11-server-debuginfo-1.3.0.0-39.fc8.x86_64.rpm
4a931017170608fe9015b40bbf3d94c726135a5b xorg-x11-server-Xorg-1.3.0.0-39.fc8.x86_64.rpm
b845a1ad9b96f2352930ead6504535d4a1374af7 xorg-x11-server-source-1.3.0.0-39.fc8.x86_64.rpm
2d24636a924e72c9d5e4ec246562faea764c7cdf xorg-x11-server-Xdmx-1.3.0.0-39.fc8.x86_64.rpm
34d830c59e6ca133a9ab224f0fdb73a1a164c7f8 xorg-x11-server-sdk-1.3.0.0-39.fc8.x86_64.rpm
e338255563d060ef786c894057e5e682e56f4661 xorg-x11-server-Xephyr-1.3.0.0-39.fc8.x86_64.rpm
006c1918a8f152f7e182b3cd2a2b88a311c1ab42 xorg-x11-server-debuginfo-1.3.0.0-39.fc8.ppc.rpm
eb9e52c296bfc649468f9836efe965e7a3bbfaef xorg-x11-server-source-1.3.0.0-39.fc8.ppc.rpm
5aedf46ac6d41b77f0b2a1da03cd355215e6e354 xorg-x11-server-sdk-1.3.0.0-39.fc8.ppc.rpm
e3c61b92393597c76ea1849b028b769b91c7c93a xorg-x11-server-Xephyr-1.3.0.0-39.fc8.ppc.rpm
2d5c19d937549f38e044e290d5fcbce458058a03 xorg-x11-server-Xvfb-1.3.0.0-39.fc8.ppc.rpm
55081bb5cab63088a1e6cc7d43b031b4b1e1ee0f xorg-x11-server-Xdmx-1.3.0.0-39.fc8.ppc.rpm
ef1c093c2fd1435ae44a92bbcbe8ed88fe11df1b xorg-x11-server-Xnest-1.3.0.0-39.fc8.ppc.rpm
f7f9e0c881028509352241b4e2d3a849cfbc5b9a xorg-x11-server-Xorg-1.3.0.0-39.fc8.ppc.rpm
51da9519311ee5b83fa9c98b027710a1dcafaadf xorg-x11-server-1.3.0.0-39.fc8.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update xorg-x11-server' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------




More information about the Fedora-package-announce mailing list