drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in xorg-server
Name: |
Preisgabe von Informationen in xorg-server |
|
ID: |
SSA:2013-109-01 |
|
Distribution: |
Slackware |
|
Plattformen: |
Slackware -current, Slackware x86_64 -current, Slackware x86_64 13.37, Slackware 13.37, Slackware 14.0, Slackware x86_64 14.0 |
|
Datum: |
Sa, 20. April 2013, 13:12 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1940 |
|
Applikationen: |
X11 |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[slackware-security] xorg-server (SSA:2013-109-01)
New xorg-server packages are available for Slackware 13.37, 14.0, and -current to fix a security issue.
Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+ patches/packages/xorg-server-1.12.4-i486-1_slack14.0.txz: Upgraded. This update fixes an input flush bug with evdev. Under exceptional conditions (keyboard input during device hotplugging), this could leak a small amount of information intended for the X server. This issue was evaluated to be of low impact. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1940 http://lists.x.org/archives/xorg-devel/2013-April/036014.html (* Security fix *) patches/packages/xorg-server-xephyr-1.12.4-i486-1_slack14.0.txz: Upgraded. patches/packages/xorg-server-xnest-1.12.4-i486-1_slack14.0.txz: Upgraded. patches/packages/xorg-server-xvfb-1.12.4-i486-1_slack14.0.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.37: xorg-server-1.9.5-i486-2_slack13.37.txz xorg-server-xephyr-1.9.5-i486-2_slack13.37.txz xorg-server-xnest-1.9.5-i486-2_slack13.37.txz xorg-server-xvfb-1.9.5-i486-2_slack13.37.txz
Updated packages for Slackware x86_64 13.37: xorg-server-1.9.5-x86_64-2_slack13.37.txz xorg-server-xephyr-1.9.5-x86_64-2_slack13.37.txz xorg-server-xnest-1.9.5-x86_64-2_slack13.37.txz xorg-server-xvfb-1.9.5-x86_64-2_slack13.37.txz
Updated packages for Slackware 14.0: xorg-server-1.12.4-i486-1_slack14.0.txz xorg-server-xephyr-1.12.4-i486-1_slack14.0.txz xorg-server-xnest-1.12.4-i486-1_slack14.0.txz xorg-server-xvfb-1.12.4-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: xorg-server-1.12.4-x86_64-1_slack14.0.txz xorg-server-xephyr-1.12.4-x86_64-1_slack14.0.txz xorg-server-xnest-1.12.4-x86_64-1_slack14.0.txz xorg-server-xvfb-1.12.4-x86_64-1_slack14.0.txz
Updated packages for Slackware -current: xorg-server-1.13.4-i486-1.txz xorg-server-xephyr-1.13.4-i486-1.txz xorg-server-xnest-1.13.4-i486-1.txz xorg-server-xvfb-1.13.4-i486-1.txz
Updated packages for Slackware x86_64 -current: xorg-server-1.13.4-x86_64-1.txz xorg-server-xephyr-1.13.4-x86_64-1.txz xorg-server-xnest-1.13.4-x86_64-1.txz xorg-server-xvfb-1.13.4-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.37 packages: f9fb8302617c3adbe6b990f69b50ea41 xorg-server-1.9.5-i486-2_slack13.37.txz e0e6633d916062a0ff5d6399e8ee37dc xorg-server-xephyr-1.9.5-i486-2_slack13.37.txz a2ad861a624d7c023b15ad6d1619f006 xorg-server-xnest-1.9.5-i486-2_slack13.37.txz 2fe18a301cb3347bac78b5566539e4ca xorg-server-xvfb-1.9.5-i486-2_slack13.37.txz
Slackware x86_64 13.37 packages: 1dd0651df7a8fe40dce1036cbe811e31 xorg-server-1.9.5-x86_64-2_slack13.37.txz 80d02ea8a865deddcf93151d9da7f52b xorg-server-xephyr-1.9.5-x86_64-2_slack13.37.txz 9de55c8b950f8a09e3a22eebf8a6ce7f xorg-server-xnest-1.9.5-x86_64-2_slack13.37.txz 3df6413ba79b5c4068ce1bdb0b9d86c8 xorg-server-xvfb-1.9.5-x86_64-2_slack13.37.txz
Slackware 14.0 packages: f6051eb053f3cf3b97324d74af408e3e xorg-server-1.12.4-i486-1_slack14.0.txz 8d3b5a4458277050a2e3013f6e4875fe xorg-server-xephyr-1.12.4-i486-1_slack14.0.txz 7adecd324f0fc4f5528a0d72d7c9fca8 xorg-server-xnest-1.12.4-i486-1_slack14.0.txz ccf8cae6dfdad7a928415242a57391b1 xorg-server-xvfb-1.12.4-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 5a999e26b7c286ae4515035d68e82b19 xorg-server-1.12.4-x86_64-1_slack14.0.txz 6b33ee07cd8888165aa30e1a15fb9b75 xorg-server-xephyr-1.12.4-x86_64-1_slack14.0.txz aa2917f89f0a199cc4fd4dd085094a5c xorg-server-xnest-1.12.4-x86_64-1_slack14.0.txz a1d2ca5a38f2c7a910277ed1005abce0 xorg-server-xvfb-1.12.4-x86_64-1_slack14.0.txz
Slackware -current packages: c269e97968334d26ac0fa5f45fe25ac5 x/xorg-server-1.13.4-i486-1.txz 29f0e8a979a1fc68c141db19b26f9708 x/xorg-server-xephyr-1.13.4-i486-1.txz 1224479b75d3ff1c09d1d6c05e0dfe9c x/xorg-server-xnest-1.13.4-i486-1.txz 78ac6ada62c02737a9351832a5729da1 x/xorg-server-xvfb-1.13.4-i486-1.txz
Slackware x86_64 -current packages: 99127697f8f70d96d7c7d8db3d01cc8a x/xorg-server-1.13.4-x86_64-1.txz 519c1ac7a59489baa8512e5a945cd672 x/xorg-server-xephyr-1.13.4-x86_64-1.txz 490bac5b05c3552961e976bcee6c875a x/xorg-server-xnest-1.13.4-x86_64-1.txz 5035d8299a7a63be00be8ec2e6d2bc7c x/xorg-server-xvfb-1.13.4-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root: # upgradepkg xorg-server-1.12.4-i486-1_slack14.0.txz xorg-server-xephyr-1.12.4-i486-1_slack14.0.txz xorg-server-xnest-1.12.4-i486-1_slack14.0.txz xorg-server-xvfb-1.12.4-i486-1_slack14.0.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlFxvd4ACgkQakRjwEAQIjPy0QCgjYilDD8uyEfXUWvEJDulHU0h jvEAnjqz0Hh03KlPAWIp3jnTxAsjf+RO =Nvhp -----END PGP SIGNATURE-----
|
|
|
|