Описание
ELSA-2019-2079: Xorg security and bug fix update (MODERATE)
gdm [3.28.2-16]
- Dont bring up login screen if background session gets killed Related: #1680120
[3.28.2-15]
- sync AllowMultipleSessionsPerUser patch from 7.6 branch Resolves: #1664353
- Create dconf dirs by default Resolves: #1664284
[3.28.2-14]
- Fix unlock on XDMCP sessions Resolves: #1693060
[3.28.2-13]
- Fix login on s390 Resolves: #1680060
libX11 [1.6.7-2]
- Restore the less-alarming server-disconnect message
[1.6.7-1]
- libX11 1.6.7
[1.6.5-3]
- Make the server-disconnect message less alarming
libxkbcommon [0.7.1-3]
- Actually apply the patch files
[0.7.1-2]
- Fixes for CVE-2018-15864, CVE-2018-15863, CVE-2018-15862, CVE-2018-15861, CVE-2018-15859 CVE-2018-15857, CVE-2018-15856, CVE-2018-15855, CVE-2018-15854, CVE-2018-15853
mesa-libGLw [8.0.0-5]
- Fix external API symbol visibility
xorg-x11-drv-ati [19.0.1-2]
- Avoid breakage on Xserver reset (#1674474)
[19.0.1-1]
- ati 19.0.1
xorg-x11-drv-vesa [2.4.0-3]
- Refuse to run on UEFI framebuffers for v3.10 kernels too
[2.4.0-2]
- Refuse to run on UEFI framebuffers
xorg-x11-drv-wacom [0.36.1-3]
- Ratelimit the bug message warnings (#1642197)
[0.36.1-2]
- Fix Cintiq 27QHD error message on proximity in (#1642197)
[0.36.1-1.1]
- Rebuild for xserver 1.20
xorg-x11-server [1.20.4-7]
- Fix a segfault with non-PCI platform devices (and other cases)
[1.20.4-6]
- Stop VT switching when inactive server dies Resolves: #1680120
[1.20.4-5]
- Fix a crash in RRProviderAutoConfigGpuScreen
[1.20.4-3]
- Backport fix for 1612924 - enabled monitors
[1.20.4-2]
- Dont reset last.valuators on slave device switch (#1640207)
[1.20.4-1]
- xserver 1.20.4
[1.20.1-7]
- Sync platform probe patch with upstream
[1.20.1-6]
- Move LeaveVT after resetting randr pointers in xf86CrtcCloseScreen
[1.20.1-5.1]
- CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
gdm
3.28.2-16.el7
gdm-devel
3.28.2-16.el7
gdm-pam-extensions-devel
3.28.2-16.el7
libX11
1.6.7-2.el7
libX11-common
1.6.7-2.el7
libX11-devel
1.6.7-2.el7
libxkbcommon
0.7.1-3.el7
libxkbcommon-devel
0.7.1-3.el7
libxkbcommon-x11
0.7.1-3.el7
libxkbcommon-x11-devel
0.7.1-3.el7
mesa-libGLw
8.0.0-5.el7
mesa-libGLw-devel
8.0.0-5.el7
xorg-x11-drv-ati
19.0.1-2.el7
xorg-x11-drv-wacom
0.36.1-3.el7
xorg-x11-drv-wacom-devel
0.36.1-3.el7
xorg-x11-server-Xdmx
1.20.4-7.el7
xorg-x11-server-Xephyr
1.20.4-7.el7
xorg-x11-server-Xnest
1.20.4-7.el7
xorg-x11-server-Xorg
1.20.4-7.el7
xorg-x11-server-Xvfb
1.20.4-7.el7
xorg-x11-server-Xwayland
1.20.4-7.el7
xorg-x11-server-common
1.20.4-7.el7
xorg-x11-server-devel
1.20.4-7.el7
xorg-x11-server-source
1.20.4-7.el7
Oracle Linux x86_64
gdm
3.28.2-16.el7
gdm-devel
3.28.2-16.el7
gdm-pam-extensions-devel
3.28.2-16.el7
libX11
1.6.7-2.el7
libX11-common
1.6.7-2.el7
libX11-devel
1.6.7-2.el7
libxkbcommon
0.7.1-3.el7
libxkbcommon-devel
0.7.1-3.el7
libxkbcommon-x11
0.7.1-3.el7
libxkbcommon-x11-devel
0.7.1-3.el7
mesa-libGLw
8.0.0-5.el7
mesa-libGLw-devel
8.0.0-5.el7
xorg-x11-drv-ati
19.0.1-2.el7
xorg-x11-drv-vesa
2.4.0-3.el7
xorg-x11-drv-wacom
0.36.1-3.el7
xorg-x11-drv-wacom-devel
0.36.1-3.el7
xorg-x11-server-Xdmx
1.20.4-7.el7
xorg-x11-server-Xephyr
1.20.4-7.el7
xorg-x11-server-Xnest
1.20.4-7.el7
xorg-x11-server-Xorg
1.20.4-7.el7
xorg-x11-server-Xvfb
1.20.4-7.el7
xorg-x11-server-Xwayland
1.20.4-7.el7
xorg-x11-server-common
1.20.4-7.el7
xorg-x11-server-devel
1.20.4-7.el7
xorg-x11-server-source
1.20.4-7.el7
Ссылки на источники
Связанные уязвимости
Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation.
Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation.