FS#35513 : [xorg] Dozens of vulnerability fixes for Xorg libraries

FS#35513 - [xorg] Dozens of vulnerability fixes for Xorg libraries

Attached to Project: Arch Linux
Opened by Andreas (misc) - Monday, 27 May 2013, 23:59 GMT
Last edited by Andreas Radke (AndyRTR) - Thursday, 30 May 2013, 14:42 GMT

Task Type	Bug Report
Category	Packages: Extra
Status	Closed
Assigned To	Jan de Groot (JGC) Andreas Radke (AndyRTR)
Architecture	All
Severity	Critical
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	1 Peter Weber (hoschi) (2013-05-28)
Private	No

Details

Over the last week Alan Coopersmith pushed dozens of vulnerability fixes for numerous Xorg libraries, none of which so far received a new release. Check their respective git pages for more.

http://cgit.freedesktop.org/xorg/?s=idle

For instance:
CVE-2013-2064 in libxcb: http://cgit.freedesktop.org/xcb/libxcb/
CVE-2013-1999 & CVE-2013-1990 in libXvMC http://cgit.freedesktop.org/xorg/lib/libXvMC/
CVE-2013-1995 & CVE-2013-1984 in libXi http://cgit.freedesktop.org/xorg/lib/libXi/
CVE-2013-1988 in libXRes http://cgit.freedesktop.org/xorg/lib/libXRes/

etc. etc.

This task depends upon

Closed by Andreas Radke (AndyRTR)
Thursday, 30 May 2013, 14:42 GMT
Reason for closing: Deferred
Additional comments about closing: Upstream release tarballs are coming in over these days.

Comment by Andreas Radke (AndyRTR) - Tuesday, 28 May 2013, 15:07 GMT

New releases are planned very soon. I don't want to patch all packages before these releases. Some patches seem to have unwanted side effects.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#35513 - [xorg] Dozens of vulnerability fixes for Xorg libraries

Details

Loading...