xorg-server 2:1.19.3-2 source package in Debian
Changelog
xorg-server (2:1.19.3-2) unstable; urgency=high
* CVE-2017-10972: information leak out of the X server due to an
uninitialized stack area when swapping:
- Xi: Zero target buffer in SProcXSendExtensionEvent
* CVE-2017-10971: stack overflow due to missing GenericEvent handling in
XSendEvent:
- dix: Disallow GenericEvent in SendEvent request
- Xi: Verify all events in ProcXSendExtensionEvent
- Xi: Do not try to swap GenericEvent
* With both those fixes, this closes: #867492
-- Julien Cristau <email address hidden> Fri, 07 Jul 2017 07:31:11 +0200
Upload details
- Uploaded by:
- Debian X Strike Force
- Uploaded to:
- Sid
- Original maintainer:
- Debian X Strike Force
- Architectures:
- any all
- Section:
- x11
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| xorg-server_1.19.3-2.dsc | 4.7 KiB | b12e94496dd2cb00d75170be13276dd29361ef8f9dd5f4b918db636476355e63 |
| xorg-server_1.19.3.orig.tar.gz | 8.1 MiB | 8f93b98f1ac9fbd87515bfe329a069b48bbec98e5329584ab5fbf759a0953b8d |
| xorg-server_1.19.3-2.diff.gz | 136.4 KiB | 743dca1680e454b2e166fdd2a5e36ca09145bbbd939503b791c74914eeb4603f |
No changes file available.
