SUSE-SU-2015:0427-1

Published: 27 Jun 2014
Source: suse-cvrf

Description

Recommended update for xorg-x11-server

This collective update for xorg-x11-server provides the following fixes:

* Fix a segmentation fault that can occur when X11 packets are forwarded between a client and a server with different endianness. (bnc#874903)
* Free software cursor backing pixmap when transitioning between screens. This fixes a crash in multi-screen support when an assert gets hit. (bnc#880835)
* Ignore numlock in Xvnc. Following keys from the VNC client will already be modulated by numlock on the client side. (bnc#878446)
* Fix crash when Xinerama gets disabled after RandR12 is initialized. (bnc#878433)
* Prevent crash at the end of the 2nd server generation when the number of privates differs between the 1st and 2nd. (bnc#883598)
* Move Xinerama disable when only one screen is present to main loop. (bnc#883598)
* Improve Xinerama command line option handling. (bnc#883598)
* Work around a possible crash when an object belongs to a client that no longer exists. (bnc#883516)
* Try to make keyboard bell ring on all devices attached to master keyboard. (bnc#879019)
* Implement DeleteInputDeviceRequest in Xvnc to avoid server crash when the Xserver restarts after a server reset. (bnc#880745)

Package list

SUSE Linux Enterprise Desktop 11 SP3
xorg-x11-Xvnc-7.4-27.97.1
xorg-x11-server-7.4-27.97.1
xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3
xorg-x11-Xvnc-7.4-27.97.1
xorg-x11-server-7.4-27.97.1
xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
xorg-x11-Xvnc-7.4-27.97.1
xorg-x11-server-7.4-27.97.1
xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server for SAP Applications 11 SP3
xorg-x11-Xvnc-7.4-27.97.1
xorg-x11-server-7.4-27.97.1
xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Software Development Kit 11 SP3
xorg-x11-server-sdk-7.4-27.97.1

Description

Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a crafted connection request.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) __glXDisp_ReadPixels, (2) __glXDispSwap_ReadPixels, (3) __glXDisp_GetTexImage, (4) __glXDispSwap_GetTexImage, (5) GetSeparableFilter, (6) GetConvolutionFilter, (7) GetHistogram, (8) GetMinmax, (9) GetColorTable, (10) __glXGetAnswerBuffer, (11) __GLX_GET_ANSWER_BUFFER, (12) __glXMap1dReqSize, (13) __glXMap1fReqSize, (14) Map2Size, (15) __glXMap2dReqSize, (16) __glXMap2fReqSize, (17) __glXImageSize, or (18) __glXSeparableFilter2DReqSize function, which triggers an out-of-bounds read or write.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, which triggers an out-of-bounds read or write.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXChangeDeviceControl, (2) ProcXChangeDeviceControl, (3) ProcXChangeFeedbackControl, (4) ProcXSendExtensionEvent, (5) SProcXIAllowEvents, (6) SProcXIChangeCursor, (7) ProcXIChangeHierarchy, (8) SProcXIGetClientPointer, (9) SProcXIGrabDevice, (10) SProcXIUngrabDevice, (11) ProcXIUngrabDevice, (12) SProcXIPassiveGrabDevice, (13) ProcXIPassiveGrabDevice, (14) SProcXIPassiveUngrabDevice, (15) ProcXIPassiveUngrabDevice, (16) SProcXListDeviceProperties, (17) SProcXDeleteDeviceProperty, (18) SProcXIListProperties, (19) SProcXIDeleteProperty, (20) SProcXIGetProperty, (21) SProcXIQueryDevice, (22) SProcXIQueryPointer, (23) SProcXISelectEvents, (24) SProcXISetClientPointer, (25) SProcXISetFocus, (26) SProcXIGetFocus, or (27) SProcXIWarpPointer function.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcDbeSwapBuffers or (2) SProcDbeSwapBuffers function.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) __glXDisp_Render, (2) __glXDisp_RenderLarge, (3) __glXDispSwap_VendorPrivate, (4) __glXDispSwap_VendorPrivateWithReply, (5) set_client_info, (6) __glXDispSwap_SetClientInfoARB, (7) DoSwapInterval, (8) DoGetProgramString, (9) DoGetString, (10) __glXDispSwap_RenderMode, (11) __glXDisp_GetCompressedTexImage, (12) __glXDispSwap_GetCompressedTexImage, (13) __glXDisp_FeedbackBuffer, (14) __glXDispSwap_FeedbackBuffer, (15) __glXDisp_SelectBuffer, (16) __glXDispSwap_SelectBuffer, (17) __glXDisp_Flush, (18) __glXDispSwap_Flush, (19) __glXDisp_Finish, (20) __glXDispSwap_Finish, (21) __glXDisp_ReadPixels, (22) __glXDispSwap_ReadPixels, (23) __glXDisp_GetTexImage, (24) __glXDispSwap_GetTexImage, (25) __glXDisp_GetPolygonStipple, (26) __glXDispSwap_GetPolygonStipple, (27) __glXDisp_GetSeparableFilter, (28) __glXDisp_GetSeparableFilterEXT, (29) __glXDisp_GetConvolutionFilter, (30) __glXDisp_GetConvolutionFilterEXT, (31) __glXDisp_GetHistogram, (32) __glXDisp_GetHistogramEXT, (33) __glXDisp_GetMinmax, (34) __glXDisp_GetMinmaxEXT, (35) __glXDisp_GetColorTable, (36) __glXDisp_GetColorTableSGI, (37) GetSeparableFilter, (38) GetConvolutionFilter, (39) GetHistogram, (40) GetMinmax, or (41) GetColorTable function.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXvQueryExtension, (2) SProcXvQueryAdaptors, (3) SProcXvQueryEncodings, (4) SProcXvGrabPort, (5) SProcXvUngrabPort, (6) SProcXvPutVideo, (7) SProcXvPutStill, (8) SProcXvGetVideo, (9) SProcXvGetStill, (10) SProcXvPutImage, (11) SProcXvShmPutImage, (12) SProcXvSelectVideoNotify, (13) SProcXvSelectPortNotify, (14) SProcXvStopVideo, (15) SProcXvSetPortAttribute, (16) SProcXvGetPortAttribute, (17) SProcXvQueryBestSize, (18) SProcXvQueryPortAttributes, (19) SProcXvQueryImageAttributes, or (20) SProcXvListImageFormats function.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcRenderQueryVersion, (2) SProcRenderQueryVersion, (3) SProcRenderQueryPictFormats, (4) SProcRenderQueryPictIndexValues, (5) SProcRenderCreatePicture, (6) SProcRenderChangePicture, (7) SProcRenderSetPictureClipRectangles, (8) SProcRenderFreePicture, (9) SProcRenderComposite, (10) SProcRenderScale, (11) SProcRenderCreateGlyphSet, (12) SProcRenderReferenceGlyphSet, (13) SProcRenderFreeGlyphSet, (14) SProcRenderFreeGlyphs, or (15) SProcRenderCompositeGlyphs function.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcRRQueryVersion, (2) SProcRRGetScreenInfo, (3) SProcRRSelectInput, or (4) SProcRRConfigureOutputProperty function.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length value.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in an XkbSetGeometry request.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References

Description

The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-Xvnc-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-7.4-27.97.1
SUSE Linux Enterprise Desktop 11 SP3:xorg-x11-server-extra-7.4-27.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:xorg-x11-Xvnc-7.4-27.97.1

References
Vulnerability SUSE-SU-2015:0427-1