FS#38401 - [xorg-server] security patch for CVE-2013-6424
Attached to Project:
Arch Linux
Opened by RbN (RbN) - Monday, 06 January 2014, 21:06 GMT
Last edited by Laurent Carlier (lordheavy) - Monday, 06 January 2014, 22:41 GMT
Opened by RbN (RbN) - Monday, 06 January 2014, 21:06 GMT
Last edited by Laurent Carlier (lordheavy) - Monday, 06 January 2014, 22:41 GMT
|
Details
Description (from redhat Bugzilla [0]):
"An integer underflow flaw was found in the X.Org server when handling trapezoids. A malicious, authorized client could use this flaw to crash the X.Org server." CVE attribution [1] This bug affects both 1.14 and 1.15 (currently in testing). The related bug in pixman (aka CVE-2013-6425) is already corrected in archlinux repositories ;) Resolution : upstream patch [2] Ressources: [0] https://bugzilla.redhat.com/show_bug.cgi?id=1037984 [1] http://seclists.org/oss-sec/2013/q4/399 [2] http://patchwork.freedesktop.org/patch/14769/ |
This task depends upon
Closed by Laurent Carlier (lordheavy)
Monday, 06 January 2014, 22:41 GMT
Reason for closing: Fixed
Additional comments about closing: xorg-server 1.15.0-4
xorg-server 1.14.5-2
Monday, 06 January 2014, 22:41 GMT
Reason for closing: Fixed
Additional comments about closing: xorg-server 1.15.0-4
xorg-server 1.14.5-2