From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1595-1                  [email protected]
http://www.debian.org/security/                          Thijs Kinkhorst
June 11, 2008                         http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : xorg-server
Vulnerability : several
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2008-1377 CVE-2008-1379 CVE-2008-2360 CVE-2008-2361 CVE-2008-2362
Several local vulnerabilities have been discovered in the X Window system.
The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2008-1377
Lack of validation of the parameters of the
SProcSecurityGenerateAuthorization and SProcRecordCreateContext
functions makes it possible for a specially crafted request to trigger
the swapping of bytes outside the parameters of these requests, causing
memory corruption.
CVE-2008-1379
An integer overflow in the validation of the parameters of the
ShmPutImage() request makes it possible to trigger the copy of
arbitrary server memory to a pixmap that can subsequently be read by
the client, to read arbitrary parts of the X server memory space.
CVE-2008-2360
An integer overflow may occur in the computation of the size of the
glyph to be allocated by the AllocateGlyph() function which will cause
less memory to be allocated than expected, leading to later heap
overflow.
CVE-2008-2361
An integer overflow may occur in the computation of the size of the
glyph to be allocated by the ProcRenderCreateCursor() function which
will cause less memory to be allocated than expected, leading later
to dereferencing un-mapped memory, causing a crash of the X server.
CVE-2008-2362
Integer overflows can also occur in the code validating the parameters
for the SProcRenderCreateLinearGradient, SProcRenderCreateRadialGradient
and SProcRenderCreateConicalGradient functions, leading to memory
corruption by swapping bytes outside of the intended request
parameters.
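The failure mode described for CVE-2008-2362, an overflowing length check that lets a byte-swap loop run past the request, can be modelled in a few lines. This is an added illustration, not X.Org source code: the 12-byte record layout and the names STOP_SIZE, stops_fit_unchecked, stops_fit_checked and swap_stops are assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define STOP_SIZE 12u /* assumed record size: 4-byte position + 8-byte color */

/* Flawed check: the 32-bit product wraps, so a huge count can appear
 * to fit inside a short request. */
bool stops_fit_unchecked(uint32_t n_stops, uint32_t payload_len)
{
    uint32_t need = n_stops * STOP_SIZE; /* wraps modulo 2^32 */
    return need <= payload_len;
}

/* Hardened check: divide instead of multiply, so nothing can wrap. */
bool stops_fit_checked(uint32_t n_stops, uint32_t payload_len)
{
    return n_stops <= payload_len / STOP_SIZE;
}

static void swap32(uint8_t *p)
{
    uint8_t t;
    t = p[0]; p[0] = p[3]; p[3] = t;
    t = p[1]; p[1] = p[2]; p[2] = t;
}

/* Swap the 4-byte position field of each stop, only after the count has
 * been validated against the bytes present. Returns stops swapped or -1. */
int swap_stops(uint8_t *payload, uint32_t payload_len, uint32_t n_stops)
{
    if (!stops_fit_checked(n_stops, payload_len))
        return -1;
    for (uint32_t i = 0; i < n_stops; i++)
        swap32(payload + (size_t)i * STOP_SIZE);
    return (int)n_stops;
}

int main(void)
{
    uint8_t payload[24] = {0x01, 0x02, 0x03, 0x04}; /* constructed: two stops */
    uint32_t bad = 357913942u; /* constructed: bad * 12 wraps to 8 */
    printf("unchecked accepts: %d\n", stops_fit_unchecked(bad, 24u));
    printf("checked accepts:   %d\n", stops_fit_checked(bad, 24u));
    printf("swap result:       %d\n", swap_stops(payload, 24u, bad));
    printf("valid swap:        %d\n", swap_stops(payload, 24u, 2u));
    return 0;
}
```

The same divide-before-multiply test applies to the allocation-size computations described for CVE-2008-2360 and CVE-2008-2361, where the wrapped value becomes an undersized buffer rather than a passed length check.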
For the stable distribution (etch), these problems have been fixed in version 2:1.1.1-21etch5.
For the unstable distribution (sid), these problems have been fixed in
version 2:1.4.1~git20080517-2.
We recommend that you upgrade your xorg-server package.
Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
[continued in next message]