[Frugalware-security] [ FSA-277 ] xorg-server
vmiklos
noreply at frugalware.org
Sun Sep 23 13:51:40 CEST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Frugalware Security Advisory FSA-277
Date: 2007-09-23
Package: xorg-server
Vulnerable versions: <= 1.2.0-2terminus1
Unaffected versions: >= 1.2.0-2terminus2
Related bugreport: http://bugs.frugalware.org/task/2411
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4730
Description
===========
A vulnerability has been reported in X.org X11, which potentially can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is caused due to a boundary error within the composite extension when copying data from pixmaps with different bit depths. This can be exploited to cause a buffer overflow by copying data between specially crafted pixmaps.
Updated Packages
================
Check if you have xorg-server installed:
# pacman-g2 -Q xorg-server
If found, then you should upgrade to the latest version:
# pacman-g2 -Sy xorg-server
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info
iD8DBQFG9lNMZ7NElSD1VhkRAnwFAJoCZz3PblQVtgymGg/ErCGHK2rwkgCbBFLs
Xxh5LjYGbxjmtp0yNlf4YSU=
=pAxu
-----END PGP SIGNATURE-----
More information about the Frugalware-security
mailing list