Security update for xorg-x11-server
This update for xorg-x11-server fixes the following security issues:
- CVE-2017-2624: Prevent timing attack against MIT cookie. (boo#1025029)
- Use arc4random to generate cookies with more randomness. (boo#1025084)
- Remove unused function with use-after-free issue. (boo#1025035)
-
Submitted by
Stefan Dirsch (sndirsch)
Fixed bugs
bnc#1025035
VUL-1: xorg-x11-server: Potential Use after Free in Xorg Server in XdmToID()
bnc#1025029
VUL-0: CVE-2017-2624: xorg-x11-server: Timing attack against MIT Cookie
bnc#1025084
VUL-0: xorg-x11-server: Weak Entropy Usage in xorg server in GenerateRandomData()
