Subject: | |
From: | |
Reply To: | |
Date: | Thu, 12 Jun 2008 12:28:40 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Important: xorg-x11-server security update
Issue date: 2008-06-11
CVE Names: CVE-2008-1377 CVE-2008-1379 CVE-2008-2360
CVE-2008-2361 CVE-2008-2362
An input validation flaw was discovered in X.org's Security and Record
extensions. A malicious authorized client could exploit this issue to cause
a denial of service (crash) or, potentially, execute arbitrary code with
root privileges on the X.Org server. (CVE-2008-1377)
Multiple integer overflow flaws were found in X.org's Render extension. A
malicious authorized client could exploit these issues to cause a denial of
service (crash) or, potentially, execute arbitrary code with root
privileges on the X.Org server. (CVE-2008-2360, CVE-2008-2361,
CVE-2008-2362)
An input validation flaw was discovered in X.org's MIT-SHM extension. A
client connected to the X.org server could read arbitrary server memory.
This could result in the sensitive data of other users of the X.org server
being disclosed. (CVE-2008-1379)
SL 5.x
SRPMS:
xorg-x11-server-1.1.1-48.41.el5_2.1.src.rpm
i386:
xorg-x11-server-randr-source-1.1.1-48.41.el5_2.1.i386.rpm
xorg-x11-server-sdk-1.1.1-48.41.el5_2.1.i386.rpm
xorg-x11-server-Xdmx-1.1.1-48.41.el5_2.1.i386.rpm
xorg-x11-server-Xephyr-1.1.1-48.41.el5_2.1.i386.rpm
xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.i386.rpm
xorg-x11-server-Xorg-1.1.1-48.41.el5_2.1.i386.rpm
xorg-x11-server-Xvfb-1.1.1-48.41.el5_2.1.i386.rpm
x86_64:
xorg-x11-server-randr-source-1.1.1-48.41.el5_2.1.x86_64.rpm
xorg-x11-server-sdk-1.1.1-48.41.el5_2.1.x86_64.rpm
xorg-x11-server-Xdmx-1.1.1-48.41.el5_2.1.x86_64.rpm
xorg-x11-server-Xephyr-1.1.1-48.41.el5_2.1.x86_64.rpm
xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.x86_64.rpm
xorg-x11-server-Xorg-1.1.1-48.41.el5_2.1.x86_64.rpm
xorg-x11-server-Xvfb-1.1.1-48.41.el5_2.1.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|