openSUSE Build Service

Overview Details Repositories Revisions Requests Users Attributes Meta

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following vulnerabilities:

* CVE-2017-12176: Unvalidated extra length in ProcEstablishConnection (bsc#1063041)
* CVE-2017-12177: dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo (bsc#1063040)
* CVE-2017-12178: Xi: fix wrong extra length check in ProcXIChangeHierarchy (bsc#1063039)
* CVE-2017-12179: Xi: integer overflow and unvalidated length in (S)ProcXIBarrierReleasePointer (bsc#1063038)
* CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: Unvalidated lengths in XFree86-VidMode/XFree86-DGA/XFree86-DRI extension (bsc#1063037)
* CVE-2017-12183: Unvalidated lengths in XFIXES extension (bsc#1063035)
* CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: Unvalidated lengths in multiple extensions (bsc#1063034)

Submitted by Stefan Dirsch (sndirsch)

Fixed bugs

bnc#1063041

VUL-0: CVE-2017-12176: xorg-x11-server: Unvalidated extra length in ProcEstablishConnection

bnc#1063040

VUL-0: CVE-2017-12177: xorg-x11-server: dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo

bnc#1063039

VUL-0: CVE-2017-12178: xorg-x11-server: Xi: fix wrong extra length check in ProcXIChangeHierarchy

bnc#1063038

VUL-0: CVE-2017-12179: xorg-x11-server: Xi: integer overflow and unvalidated length in (S)ProcXIBarrierReleasePointer

bnc#1063037

VUL-0: CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: xorg-x11-server: Unvalidated lengths in XFree86-VidMode/XFree86-DGA/XFree86-DRI extension

bnc#1063035

VUL-0: CVE-2017-12183: xorg-x11-server: Unvalidated lengths in XFIXES extension

bnc#1063034

VUL-0: CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: xorg-x11-server: Unvalidated lengths in multiple extensions

Places

Fixed bugs

Selected Binaries

Places