lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1W60tI-0001v3-Sr@titan.mandriva.com>
Date: Wed, 22 Jan 2014 17:43:00 +0100
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2014:020 ] x11-server

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:020
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : x11-server
 Date    : January 22, 2014
 Affected: Business Server 1.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Updated x11-server package fixes security vulnerability:
 
 Bryan Quigley discovered an integer underflow in the Xorg X server
 which could lead to denial of service or the execution of arbitrary
 code (CVE-2013-6424).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6424
 http://advisories.mageia.org/MGASA-2014-0016.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Enterprise Server 5:
 908613d9482582938fa62e33b7f32bd4  mes5/i586/x11-server-1.4.2-11.4mdvmes5.2.i586.rpm
 e12af81d8e7cf5f25ca84a98324b8541  mes5/i586/x11-server-common-1.4.2-11.4mdvmes5.2.i586.rpm
 c05e604dfc4a7f026935ae843eecc69b  mes5/i586/x11-server-devel-1.4.2-11.4mdvmes5.2.i586.rpm
 c0edc59179ba56fc866d89dbe1dcaa78  mes5/i586/x11-server-xdmx-1.4.2-11.4mdvmes5.2.i586.rpm
 01a6c17447af8dc7addceab77d6f6d92  mes5/i586/x11-server-xephyr-1.4.2-11.4mdvmes5.2.i586.rpm
 82c6ddaad3bb32b113e78b1462a9cc7d  mes5/i586/x11-server-xfake-1.4.2-11.4mdvmes5.2.i586.rpm
 8a8dd94871671effe26658baf668d949  mes5/i586/x11-server-xfbdev-1.4.2-11.4mdvmes5.2.i586.rpm
 85b9c2617735976c3a610f02962e794d  mes5/i586/x11-server-xnest-1.4.2-11.4mdvmes5.2.i586.rpm
 f87b0d7a700c3827f0759f6a1b75f372  mes5/i586/x11-server-xorg-1.4.2-11.4mdvmes5.2.i586.rpm
 07105ff2cea8e2c17003f0bde3c79280  mes5/i586/x11-server-xsdl-1.4.2-11.4mdvmes5.2.i586.rpm
 fcefb95feb1e902ec802a0e0361507a1  mes5/i586/x11-server-xvfb-1.4.2-11.4mdvmes5.2.i586.rpm
 aa010ea14ff34e2b9c839eb23b8c74df  mes5/i586/x11-server-xvnc-1.4.2-11.4mdvmes5.2.i586.rpm 
 95f03adb99d07b7d63e256dd622660cf  mes5/SRPMS/x11-server-1.4.2-11.4mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 8b526c82d4f315eb44970561b1d17866  mes5/x86_64/x11-server-1.4.2-11.4mdvmes5.2.x86_64.rpm
 1cb321d41d16b3dfef580ed54c81bca4  mes5/x86_64/x11-server-common-1.4.2-11.4mdvmes5.2.x86_64.rpm
 4c4bd46949e2b6a61cdc2735b2c5a72f  mes5/x86_64/x11-server-devel-1.4.2-11.4mdvmes5.2.x86_64.rpm
 6abbb9dfdd8f865f213d2e95dcbbbf4b  mes5/x86_64/x11-server-xdmx-1.4.2-11.4mdvmes5.2.x86_64.rpm
 665b8d99be3cc3457070e1cc5000949d  mes5/x86_64/x11-server-xephyr-1.4.2-11.4mdvmes5.2.x86_64.rpm
 2004a0efc184141cb55233e75b0c5d5b  mes5/x86_64/x11-server-xfake-1.4.2-11.4mdvmes5.2.x86_64.rpm
 67bbfe03b1112aee13cc9e5ef30371f3  mes5/x86_64/x11-server-xfbdev-1.4.2-11.4mdvmes5.2.x86_64.rpm
 407da60675a417c02e4349d66174ffc3  mes5/x86_64/x11-server-xnest-1.4.2-11.4mdvmes5.2.x86_64.rpm
 3507417767fd7f091cf15c54a842dd3c  mes5/x86_64/x11-server-xorg-1.4.2-11.4mdvmes5.2.x86_64.rpm
 0bf194cb2cf48741027e43b475529831  mes5/x86_64/x11-server-xsdl-1.4.2-11.4mdvmes5.2.x86_64.rpm
 9c39aa8195ee73675c93ba8ecb87f125  mes5/x86_64/x11-server-xvfb-1.4.2-11.4mdvmes5.2.x86_64.rpm
 da9e4c1f750f5bda694057c8dade071a  mes5/x86_64/x11-server-xvnc-1.4.2-11.4mdvmes5.2.x86_64.rpm 
 95f03adb99d07b7d63e256dd622660cf  mes5/SRPMS/x11-server-1.4.2-11.4mdvmes5.2.src.rpm

 Mandriva Business Server 1/X86_64:
 6b18d1195af47833ae940427ecfae2db  mbs1/x86_64/x11-server-1.11.4-12.4.mbs1.x86_64.rpm
 3b68e9054f78cacc7e0c569f75e701ec  mbs1/x86_64/x11-server-common-1.11.4-12.4.mbs1.x86_64.rpm
 fed36b01b53dfb8268d55dafe3d049bd  mbs1/x86_64/x11-server-devel-1.11.4-12.4.mbs1.x86_64.rpm
 cd4add35d1504cf8ce23a4719ee9583b  mbs1/x86_64/x11-server-source-1.11.4-12.4.mbs1.noarch.rpm
 e95c29d35a1d3776563fc0d4c3730dc7  mbs1/x86_64/x11-server-xdmx-1.11.4-12.4.mbs1.x86_64.rpm
 dec1324d8415a534313ae3865e7bbf60  mbs1/x86_64/x11-server-xephyr-1.11.4-12.4.mbs1.x86_64.rpm
 17ae85ad5ef3179af048b44244f364df  mbs1/x86_64/x11-server-xfake-1.11.4-12.4.mbs1.x86_64.rpm
 6371ff1e1dc720807a9555b762c99c11  mbs1/x86_64/x11-server-xfbdev-1.11.4-12.4.mbs1.x86_64.rpm
 ce121d0fdb82cc90b769ee2de130f77a  mbs1/x86_64/x11-server-xnest-1.11.4-12.4.mbs1.x86_64.rpm
 e49a81ca1f71d346550355f5a73aa117  mbs1/x86_64/x11-server-xorg-1.11.4-12.4.mbs1.x86_64.rpm
 b9a0c8b92642a451a0cc859385669f52  mbs1/x86_64/x11-server-xvfb-1.11.4-12.4.mbs1.x86_64.rpm 
 57f78b37d102a48d22d3a4045c247e95  mbs1/SRPMS/x11-server-1.11.4-12.4.mbs1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFS38kdmqjQ0CJFipgRAsb4AKDkIvZMt07yNLimzTiEj8im/ReTgQCeMCAZ
fahmlvLY54+t5KgbcKVXTdg=
=FLet
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ