[ MDKSA-2007:178 ] - Updated x11-server packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2007:178
http://www.mandriva.com/security/
_______________________________________________________________________
Package : x11-server
Date : September 11, 2007
Affected: 2007.0, 2007.1
_______________________________________________________________________
Problem Description:
Aaron Plattner discovered a buffer overflow in the Composite extension
of the X.org X server, which if exploited could lead to local privilege
escalation.
Updated packages have been patched to prevent these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4730
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.0:
b7f65f220a7e0d60468de2591480c81f
2007.0/i586/x11-server-1.1.1-12.2mdv2007.0.i586.rpm
6531fccbefc159f11ab350a5005a2a37
2007.0/i586/x11-server-common-1.1.1-12.2mdv2007.0.i586.rpm
d226660aa402ad02c1a6409a530315a4
2007.0/i586/x11-server-devel-1.1.1-12.2mdv2007.0.i586.rpm
1cbd8d452b28b3ef33fb87bd62627472
2007.0/i586/x11-server-xati-1.1.1-12.2mdv2007.0.i586.rpm
5ae5f6604245486ae6c4fe5718b4708d
2007.0/i586/x11-server-xchips-1.1.1-12.2mdv2007.0.i586.rpm
f5a5d272c45a70c27b10c01c4d5fedbe
2007.0/i586/x11-server-xdmx-1.1.1-12.2mdv2007.0.i586.rpm
97b8a31e97ce2560b084b31400f8db19
2007.0/i586/x11-server-xephyr-1.1.1-12.2mdv2007.0.i586.rpm
08215333e77aedf5295a2a7f3de363a6
2007.0/i586/x11-server-xepson-1.1.1-12.2mdv2007.0.i586.rpm
251281eb2c8bbc593c64c8431da23264
2007.0/i586/x11-server-xfake-1.1.1-12.2mdv2007.0.i586.rpm
2da1f5f9b51c5dc6382ddd75c6f21705
2007.0/i586/x11-server-xfbdev-1.1.1-12.2mdv2007.0.i586.rpm
649c70b4548c0a2c9cff273f6050b49a
2007.0/i586/x11-server-xgl-0.0.1-0.20060714.11.2mdv2007.0.i586.rpm
d9e4f46fc32a7ef7e0867d0be8c8d5a5
2007.0/i586/x11-server-xi810-1.1.1-12.2mdv2007.0.i586.rpm
031ae580506097876217fb649112d883
2007.0/i586/x11-server-xmach64-1.1.1-12.2mdv2007.0.i586.rpm
2239a80521a1b74505bff4b03eae9ade
2007.0/i586/x11-server-xmga-1.1.1-12.2mdv2007.0.i586.rpm
5c0ba6b312c07e8aa54d220be66dcccb
2007.0/i586/x11-server-xneomagic-1.1.1-12.2mdv2007.0.i586.rpm
d589cf3b29b764b0155f6fc4ccef7560
2007.0/i586/x11-server-xnest-1.1.1-12.2mdv2007.0.i586.rpm
4a4d7944f435dccd6e6d14a419451add
2007.0/i586/x11-server-xnvidia-1.1.1-12.2mdv2007.0.i586.rpm
a4dfc77d69799d1fff4cdd740afe97fc
2007.0/i586/x11-server-xorg-1.1.1-12.2mdv2007.0.i586.rpm
940ca130c5173a96be8a02d1cca00900
2007.0/i586/x11-server-xpm2-1.1.1-12.2mdv2007.0.i586.rpm
1a79715f3811769ccd6ebc9024e2c188
2007.0/i586/x11-server-xprt-1.1.1-12.2mdv2007.0.i586.rpm
763825c0b68ac98ef45d7b17191d5b6f
2007.0/i586/x11-server-xr128-1.1.1-12.2mdv2007.0.i586.rpm
afcddc9001954e94e25c71802dc3dbb0
2007.0/i586/x11-server-xsdl-1.1.1-12.2mdv2007.0.i586.rpm
88c03e6cf97ce32a58b867a323b749e0
2007.0/i586/x11-server-xsmi-1.1.1-12.2mdv2007.0.i586.rpm
f021f41f108226046db77b55c0ac893b
2007.0/i586/x11-server-xvesa-1.1.1-12.2mdv2007.0.i586.rpm
4095bf9b8b47e31234603e4edacb7116
2007.0/i586/x11-server-xvfb-1.1.1-12.2mdv2007.0.i586.rpm
503e8cd0668ede239bc78a0f855c5ab9
2007.0/i586/x11-server-xvia-1.1.1-12.2mdv2007.0.i586.rpm
e65256c48101eb1f0d51f8e246b74f9e
2007.0/SRPMS/x11-server-1.1.1-12.2mdv2007.0.src.rpm
c94f94783b9a833f9ba84a2c6447360b
2007.0/SRPMS/x11-server-xgl-0.0.1-0.20060714.11.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
0e28499a5c6b439a25d9fabb1a9a4b47
2007.0/x86_64/x11-server-1.1.1-12.2mdv2007.0.x86_64.rpm
f20c62bbccc71f6c501d25b4ea913a74
2007.0/x86_64/x11-server-common-1.1.1-12.2mdv2007.0.x86_64.rpm
c96011aa8acbab908139604c05ab23e4
2007.0/x86_64/x11-server-devel-1.1.1-12.2mdv2007.0.x86_64.rpm
729bc1d5ad879d4c1942899a4df7c59b
2007.0/x86_64/x11-server-xdmx-1.1.1-12.2mdv2007.0.x86_64.rpm
0d4c1599d50f76b792bbecc904f01567
2007.0/x86_64/x11-server-xephyr-1.1.1-12.2mdv2007.0.x86_64.rpm
90f0260b44b5fb3bedf77bd2cd0f6ceb
2007.0/x86_64/x11-server-xfake-1.1.1-12.2mdv2007.0.x86_64.rpm
1db3512f3401934ffd82a12e74d3a3bf
2007.0/x86_64/x11-server-xfbdev-1.1.1-12.2mdv2007.0.x86_64.rpm
24812e53f83a6751fad94544814fbb63
2007.0/x86_64/x11-server-xgl-0.0.1-0.20060714.11.2mdv2007.0.x86_64.rpm
84b70cd0146b642215596eec51dcb7b1
2007.0/x86_64/x11-server-xnest-1.1.1-12.2mdv2007.0.x86_64.rpm
b16678c47a6f526e904eb764d1aa5c68
2007.0/x86_64/x11-server-xorg-1.1.1-12.2mdv2007.0.x86_64.rpm
5466332d5fd645bd0b1de06f41f2e7d7
2007.0/x86_64/x11-server-xprt-1.1.1-12.2mdv2007.0.x86_64.rpm
071baaa67706c90aac05e9362b32f1de
2007.0/x86_64/x11-server-xsdl-1.1.1-12.2mdv2007.0.x86_64.rpm
d0cfa2a81086e55ad3a024da165e1570
2007.0/x86_64/x11-server-xvfb-1.1.1-12.2mdv2007.0.x86_64.rpm
e65256c48101eb1f0d51f8e246b74f9e
2007.0/SRPMS/x11-server-1.1.1-12.2mdv2007.0.src.rpm
c94f94783b9a833f9ba84a2c6447360b
2007.0/SRPMS/x11-server-xgl-0.0.1-0.20060714.11.2mdv2007.0.src.rpm
Mandriva Linux 2007.1:
68d47b19c4b867ee11f15b71f3c8226a
2007.1/i586/x11-server-1.2.0-9.3mdv2007.1.i586.rpm
39872d0705024f838c47bdeb5c01b63b
2007.1/i586/x11-server-common-1.2.0-9.3mdv2007.1.i586.rpm
58c57bf66d436909db3aa46332f1161d
2007.1/i586/x11-server-devel-1.2.0-9.3mdv2007.1.i586.rpm
7f46aea7b12cc7d63ca1094e45fd8185
2007.1/i586/x11-server-xati-1.2.0-9.3mdv2007.1.i586.rpm
ce49e5eb2b938d0b2439c4d23cc6c886
2007.1/i586/x11-server-xchips-1.2.0-9.3mdv2007.1.i586.rpm
1b8288fa1550e75e506ebb5613fab8b1
2007.1/i586/x11-server-xdmx-1.2.0-9.3mdv2007.1.i586.rpm
051d34d81ae1e041fbec3d2d3142178e
2007.1/i586/x11-server-xephyr-1.2.0-9.3mdv2007.1.i586.rpm
d3771704e8094acc9a19f31d0a3e5b23
2007.1/i586/x11-server-xepson-1.2.0-9.3mdv2007.1.i586.rpm
d1af00fd18f02cebe28c319319b7147a
2007.1/i586/x11-server-xfake-1.2.0-9.3mdv2007.1.i586.rpm
b742892b760c61c6ea689a5541246c5d
2007.1/i586/x11-server-xfbdev-1.2.0-9.3mdv2007.1.i586.rpm
3e9ab8e79ccd908056943704eb849659
2007.1/i586/x11-server-xgl-0.0.1-0.20070105.4.2mdv2007.1.i586.rpm
170e7f0b8cae29dcd4fbd54ece1c89f8
2007.1/i586/x11-server-xi810-1.2.0-9.3mdv2007.1.i586.rpm
491413b40e7dc71b86cba615bca7c465
2007.1/i586/x11-server-xmach64-1.2.0-9.3mdv2007.1.i586.rpm
5890faac3b923e21c0dc5bded02d086e
2007.1/i586/x11-server-xmga-1.2.0-9.3mdv2007.1.i586.rpm
f494f66f71ddc5b69479a23ce201a41d
2007.1/i586/x11-server-xneomagic-1.2.0-9.3mdv2007.1.i586.rpm
c8e42471bdbbdc4a66ffd91b1f0cb182
2007.1/i586/x11-server-xnest-1.2.0-9.3mdv2007.1.i586.rpm
701cd236e6a50d072bf10e2d739dea99
2007.1/i586/x11-server-xnvidia-1.2.0-9.3mdv2007.1.i586.rpm
6c0a51eb71c5e08a514065a86940345b
2007.1/i586/x11-server-xorg-1.2.0-9.3mdv2007.1.i586.rpm
2dd8ca5bbce666924593f66ed7e9186c
2007.1/i586/x11-server-xpm2-1.2.0-9.3mdv2007.1.i586.rpm
d53a2928b2068609b8429baa3de55098
2007.1/i586/x11-server-xprt-1.2.0-9.3mdv2007.1.i586.rpm
a167c69874d9122d19806af6ac57e10c
2007.1/i586/x11-server-xr128-1.2.0-9.3mdv2007.1.i586.rpm
e21ed3731dbf7e5345e4c57223e1c47d
2007.1/i586/x11-server-xsdl-1.2.0-9.3mdv2007.1.i586.rpm
3642c4ab48e21c5f810e83502aec4ff0
2007.1/i586/x11-server-xsmi-1.2.0-9.3mdv2007.1.i586.rpm
24004ec8195d11e8fb0e13ba19c700a7
2007.1/i586/x11-server-xvesa-1.2.0-9.3mdv2007.1.i586.rpm
74bd661eaf42b16fe38c4b08a268600b
2007.1/i586/x11-server-xvfb-1.2.0-9.3mdv2007.1.i586.rpm
5d340c30d104e1396436f6d6a83b21db
2007.1/i586/x11-server-xvia-1.2.0-9.3mdv2007.1.i586.rpm
9abbbeae06a1e0c527d96236ca9cc41e
2007.1/i586/x11-server-xvnc-1.2.0-9.3mdv2007.1.i586.rpm
893f78ce4f78b7def6d01c02d28262b7
2007.1/SRPMS/x11-server-1.2.0-9.3mdv2007.1.src.rpm
6df770cb70e3eb4bc5cd9baa9af8b0c9
2007.1/SRPMS/x11-server-xgl-0.0.1-0.20070105.4.2mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
fe1fb94aff46fdfb0b8a1f1d325267b6
2007.1/x86_64/x11-server-1.2.0-9.3mdv2007.1.x86_64.rpm
50451c60869e8790c386de687462b208
2007.1/x86_64/x11-server-common-1.2.0-9.3mdv2007.1.x86_64.rpm
7dd32f5f112988c8ea7260f0ce21123e
2007.1/x86_64/x11-server-devel-1.2.0-9.3mdv2007.1.x86_64.rpm
886994cfc8ee33d2ec47f8c5fd5498f6
2007.1/x86_64/x11-server-xdmx-1.2.0-9.3mdv2007.1.x86_64.rpm
746ffd08c46db2b3c1d3d6978aa4750c
2007.1/x86_64/x11-server-xephyr-1.2.0-9.3mdv2007.1.x86_64.rpm
1245fecc83cf5be468248891a64ff533
2007.1/x86_64/x11-server-xfake-1.2.0-9.3mdv2007.1.x86_64.rpm
c298bd4969d404cf917496daf93fae2e
2007.1/x86_64/x11-server-xfbdev-1.2.0-9.3mdv2007.1.x86_64.rpm
6deb0b784971e39c3a488ec8cbd14393
2007.1/x86_64/x11-server-xgl-0.0.1-0.20070105.4.2mdv2007.1.x86_64.rpm
7e17896d835ba51451c04d075db91894
2007.1/x86_64/x11-server-xnest-1.2.0-9.3mdv2007.1.x86_64.rpm
2aab234827f3c4d61c47d5ebd7af4a8b
2007.1/x86_64/x11-server-xorg-1.2.0-9.3mdv2007.1.x86_64.rpm
8cfcf665a3979e1faaab471444adcd64
2007.1/x86_64/x11-server-xprt-1.2.0-9.3mdv2007.1.x86_64.rpm
657e13900d1e6a9844261e4428fb2776
2007.1/x86_64/x11-server-xsdl-1.2.0-9.3mdv2007.1.x86_64.rpm
61186f95dc6356f5be674d0497fc2251
2007.1/x86_64/x11-server-xvfb-1.2.0-9.3mdv2007.1.x86_64.rpm
287707c225cb7f3069ed2393b7f6dcbb
2007.1/x86_64/x11-server-xvnc-1.2.0-9.3mdv2007.1.x86_64.rpm
893f78ce4f78b7def6d01c02d28262b7
2007.1/SRPMS/x11-server-1.2.0-9.3mdv2007.1.src.rpm
6df770cb70e3eb4bc5cd9baa9af8b0c9
2007.1/SRPMS/x11-server-xgl-0.0.1-0.20070105.4.2mdv2007.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFG5xaqmqjQ0CJFipgRAhRuAJ9Y5j0mYanN/+HMYvdSBybAFfIm2QCcC1Ul
fqRU1TTiYp26HW5hDH6qFLc=
=qpa2
-----END PGP SIGNATURE-----