You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa xorg-x11-server

Sigurnosni nedostatak programskog paketa xorg-x11-server

——————————————————————————–
Fedora Update Notification
FEDORA-2015-10336
2015-06-20 13:45:08
——————————————————————————–

Name : xorg-x11-server
Product : Fedora 22
Version : 1.17.2
Release : 1.fc22
URL : http://www.x.org
Summary : X.Org X11 X server
Description :
X.Org X11 X server

——————————————————————————–
Update Information:

Upstream stable release of xserver 1.17.2
fix bug with glamor and overlapping copies
(CVE-2015-3164) Due to an omission in authentication setup, the XWayland server would start up in non-authenticating mode, meaning that any client with access to the server’s UNIX socket was able to connect to the server and use it as a regular client. http://lists.freedesktop.org/archives/wayland-devel/2015-June/022548.html
——————————————————————————–
ChangeLog:

* Tue Jun 16 2015 Adam Jackson <ajax@redhat.com> 1.17.2-1
– xserver 1.17.2
* Tue Jun 16 2015 Dave Airlie <airlied@redhat.com> 1.17.1-16
– fix bug with glamor and overlapping copies
* Wed Jun 10 2015 Ray Strode <rstrode@redhat.com> 1.17.1-15
– CVE-2015-3164
* Tue May 26 2015 Peter Hutterer <peter.hutterer@redhat.com> 1.17.1-14
– Add the unaccelerated valuator masks, fixes nonmoving mouse in SDL
(#1208992)
* Wed May 20 2015 Kalev Lember <kalevlember@gmail.com> – 1.17.1-13
– Obsolete xorg-x11-drv-void
* Tue May 19 2015 Hans de Goede <hdegoede@redhat.com> – 1.17.1-12
– Fix “start — vt7” not working fix breaking headless setups (#1203780)
——————————————————————————–
References:

[ 1 ] Bug #1232131 – CVE-2015-3164 xorg-x11-server: Xwayland allows unconditional open access to display [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1232131
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update xorg-x11-server’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa pyjwt

Otkriven je sigurnosni nedostatak u programskom paketu pyjwt za operacijski sustav Debian. Otkriveni nedostatak potencijalnim napadačima omogućuje zaobilaženje mehanizma provjere...

Close