FS#35513 - [xorg] Dozens of vulnerability fixes for Xorg libraries
Attached to Project:
Arch Linux
Opened by Andreas (misc) - Monday, 27 May 2013, 23:59 GMT
Last edited by Andreas Radke (AndyRTR) - Thursday, 30 May 2013, 14:42 GMT
Opened by Andreas (misc) - Monday, 27 May 2013, 23:59 GMT
Last edited by Andreas Radke (AndyRTR) - Thursday, 30 May 2013, 14:42 GMT
|
Details
Over the last week Alan Coopersmith pushed dozens of
vulnerability fixes for numerous Xorg libraries, none of
which so far received a new release. Check their respective
git pages for more.
http://cgit.freedesktop.org/xorg/?s=idle For instance: CVE-2013-2064 in libxcb: http://cgit.freedesktop.org/xcb/libxcb/ CVE-2013-1999 & CVE-2013-1990 in libXvMC http://cgit.freedesktop.org/xorg/lib/libXvMC/ CVE-2013-1995 & CVE-2013-1984 in libXi http://cgit.freedesktop.org/xorg/lib/libXi/ CVE-2013-1988 in libXRes http://cgit.freedesktop.org/xorg/lib/libXRes/ etc. etc. |
This task depends upon
Closed by Andreas Radke (AndyRTR)
Thursday, 30 May 2013, 14:42 GMT
Reason for closing: Deferred
Additional comments about closing: Upstream release tarballs are coming in over these days.
Thursday, 30 May 2013, 14:42 GMT
Reason for closing: Deferred
Additional comments about closing: Upstream release tarballs are coming in over these days.
Comment by Andreas Radke (AndyRTR) -
Tuesday, 28 May 2013, 15:07 GMT
New releases are planned very soon. I don't want to patch all
packages before these releases. Some patches seem to have unwanted
side effects.