Login
Newsletter
Werbung

Sicherheit: Preisgabe von Informationen in xorg-x11-server
Aktuelle Meldungen Distributionen
Name: Preisgabe von Informationen in xorg-x11-server
ID: FEDORA-2013-5967
Distribution: Fedora
Plattformen: Fedora 17
Datum: Sa, 8. Juni 2013, 09:03
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1940
Applikationen: X11

Originalnachricht

Name        : xorg-x11-server
Product : Fedora 17
Version : 1.12.4
Release : 7.fc17
URL : http://www.x.org
Summary : X.Org X11 X server
Description :
X.Org X11 X server

-------------------------------------------------------------------------------
-
Update Information:

Fix input buffer size to flush evdev events before enabling a device
(CVE-2013-1940)
Fix scrolling on Evoluent Vertical mouse
Avoid memory corruption if too many touch listeners are active
Bump EQ size to avoid spurious abrt reports
Add a quirk to get a reasonably sane default button mapping for the Evoluent
Vertical Mouse 3
-------------------------------------------------------------------------------
-
ChangeLog:

* Thu Apr 11 2013 Peter Hutterer <peter.hutterer@redhat.com> 1.12.4-7
- CVE-2013-1940: Fix xf86FlushInput() to drain evdev events
(#950438, #952949)
* Thu Feb 14 2013 Peter Hutterer <peter.hutterer@redhat.com> 1.12.4-6
- Fix scrolling for Evoluent Vertical Mouse 3 (#612140#c20)
* Thu Jan 31 2013 Peter Hutterer <peter.hutterer@redhat.com> 1.12.4-5
- Add quirk for Evoluent Vertical Mouse 3, button mapping is quirky
(#612140)
* Tue Jan 29 2013 Peter Hutterer <peter.hutterer@redhat.com> 1.12.4-4
- Avoid memory corruption on too many touch listeners (#862829)
* Wed Jan 23 2013 Adam Jackson <ajax@redhat.com> 1.12.4-3
- Bump default EQ size to avoid spurious abrt reports
* Fri Dec 14 2012 Adam Jackson <ajax@redhat.com> 1.12.4-2
- Cherry-pick a fix for selection for TouchBegin from multiple clients
* Wed Nov 28 2012 Adam Jackson <ajax@redhat.com> 1.12.4-1
- xserver 1.12.4
* Thu Sep 20 2012 Peter Hutterer <peter.hutterer@redhat.com> 1.12.3-2
- Set the transformation matrix to the unity matrix to avoid spurious cursor
jumps (#852841)
* Mon Aug 20 2012 Peter Hutterer <peter.hutterer@redhat.com> 1.12.3-1
- xserver 1.12.3
- Update displayfd newline patch to upstream's version
* Tue Jun 26 2012 Peter Hutterer <peter.hutterer@redhat.com> 1.12.2-4
- send keycode/event type down the wire when SlowKeys enable, otherwise
GNOME won't warn about it (#816764)
* Thu Jun 21 2012 Peter Hutterer <peter.hutterer@redhat.com> 1.12.2-3
- print newline after printing $DISPLAY to -displayfd (#824594)
* Fri Jun 15 2012 Dan Horák <dan[at]danny.cz> 1.12.2-2
- fix build without xorg (aka s390x)
* Wed May 30 2012 Peter Hutterer <peter.hutterer@redhat.com> 1.12.2-1
- xserver 1.12.2
* Fri May 25 2012 Dave Airlie <airlied@redhat.com> 1.12.1-2
- xserver-fix-pci-slot-claims.patch: backport slot claiming fix from master
- xserver-1.12-modesetting-fallback.patch: add modesetting to fallback list
* Mon May 14 2012 Peter Hutterer <peter.hutterer@redhat.com>
- Drop xserver-1.10.99.1-test.patch:
cd89482088f71ed517c2e88ed437e4752070c3f4 fixed it
* Mon May 14 2012 Peter Hutterer <peter.hutterer@redhat.com> 1.12.1-1
- server 1.12.1
- force autoreconf to avoid libtool errors
- update patches for new indentation style.
* Mon May 14 2012 Peter Hutterer <peter.hutterer@redhat.com> 1.12.0-6
- Make timers signal-safe (#814869)
* Sun May 13 2012 Dennis Gilmore <dennis@ausil.us> 1.12.0-5
- enable vbe on arm arches
* Thu Apr 26 2012 Adam Jackson <ajax@redhat.com> 1.12.0-4
- Obsolete some old video drivers in F18+
* Wed Mar 21 2012 Adam Jackson <ajax@redhat.com> 1.12.0-3
- Tweak arches for RHEL
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #950438 - CVE-2013-1940 xorg-x11-server: Information disclosure due
enabling events from hot-plug devices despite input from the device being momentarily disabled
https://bugzilla.redhat.com/show_bug.cgi?id=950438
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update xorg-x11-server' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung