Debian: New xorg-server packages fix privilege escalation

- --------------------------------------------------------------------------Debian Security Advisory DSA 1372-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
September 9th, 2007                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------Package        : xorg-server
Vulnerability  : buffer overflow
Problem-Type   : local
Debian-specific: no
CVE ID         : CVE-2007-4730

Aaron Plattner discovered a buffer overflow in the Composite extension
of the X.org X server, which can lead to local privilege escalation.

The oldstable distribution (sarge) is not affected by this problem.

For the stable distribution (etch) this problem has been fixed in
version 1.1.1-21etch1.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your xorg-server packages.


Upgrade Instructions
- --------------------wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------  Source archives:

          Size/MD5 checksum:     1989 040b7079792c41cf036ab6c53dc9b4a4
          Size/MD5 checksum:   623510 e631fd8b61a97e7f86acc8163e66877e
          Size/MD5 checksum:  8388609 15852049050e49f380f953d8715500b9

  Alpha architecture:

          Size/MD5 checksum:  1028658 3d80f46705d75293dfdfc660b8c43bc0
          Size/MD5 checksum:   136746 c5b34af1931488d30258c4d1e9583590
          Size/MD5 checksum:  1762540 663078c6df56758348ae1643ef77f5a8
          Size/MD5 checksum:  1960320 d94c2f8cb88bb818ae853d4d711c5560
          Size/MD5 checksum:  4453854 5ebd60f215bd68c9efb6cdb053cee5bb
          Size/MD5 checksum:   352544 f1dfdbdb4c14ac681148bff5f94a0d93
          Size/MD5 checksum:  1928424 610d3c3ed15d840b94997120d6e63a29

  AMD64 architecture:

          Size/MD5 checksum:   859102 da077a3b9ee01a66b3de1651d932acaf
          Size/MD5 checksum:   130182 fbf76362c4261ff534cc8c529d323c08
          Size/MD5 checksum:  1472862 696e796f15ca561b6b07256814b13e5f
          Size/MD5 checksum:  1654590 995dddb3246c71bfb8bae0018cdd836c
          Size/MD5 checksum:  3902396 1a8798118bead94e4b5572852f137569
          Size/MD5 checksum:   345012 e1f5e1251d2107812b375c3a13312252
          Size/MD5 checksum:  1624188 6bf3205815c23651eef568640c3cf5ad

  ARM architecture:

          Size/MD5 checksum:   853576 dd529d80b55d4562c0c3b066987e08ae
          Size/MD5 checksum:   125000 ac5ac4ac699f0cc1ca754016c722b043
          Size/MD5 checksum:  1445032 fa50381c5e6a40d082b905b2755735f9
          Size/MD5 checksum:  1621736 dc41c8ed286afeabb52e7af6ff83dca9
          Size/MD5 checksum:  3777108 1af110b3dff919310791ec415d379066
          Size/MD5 checksum:   351798 eb3703d019453582e8bb5ee2443de793
          Size/MD5 checksum:  1597628 22bdaf4d92a7e89b6c0906fc8fddf6a7

  HP Precision architecture:

          Size/MD5 checksum:   909394 6b68fbf9ba66a39caa6236f120b490b9
          Size/MD5 checksum:   131004 b0a37659a706e06c1915c34b6a827299
          Size/MD5 checksum:  1659468 2b7b8c24497dfd6427c5ede94f58a6a5
          Size/MD5 checksum:  1851080 ce9e56c1a863a9a562f8909328995adc
          Size/MD5 checksum:  4384138 3bdc12e98ad1f384b309a39108d65ea5
          Size/MD5 checksum:   345102 0d946eb1724bd7edd92c9a0914872e2e
          Size/MD5 checksum:  1819054 22408df158a6767f615d5ccd170e3a84

  Intel IA-32 architecture:

          Size/MD5 checksum:   807370 f2ad4edec31adf075abe75f10643de7f
          Size/MD5 checksum:   121352 c7a7d4de270399449afea857221b7f91
          Size/MD5 checksum:  1387858 19cf74099c6676b309b724b8414963f9
          Size/MD5 checksum:  1562444 dd469c7c4890339fa0bb43c9301a310f
          Size/MD5 checksum:  3653718 6d648db6d7fe48f00f431ee5e86d7c86
          Size/MD5 checksum:   345064 b1b629661823fb8730f161c731fc15fc
          Size/MD5 checksum:  1537096 4cefefec714244f78a28233bac11e418

  Intel IA-64 architecture:

          Size/MD5 checksum:  1305428 f2ece147ad1b907995838bed86cb6577
          Size/MD5 checksum:   161196 c9180372fa91bf36126c1ea0ba7ab4d8
          Size/MD5 checksum:  2220142 3948c693f89b3182dd60f040e2d5abf7
          Size/MD5 checksum:  2496064 54444a1894c6bc2337b041fe08861bfa
          Size/MD5 checksum:  5490490 e5bfa8cff919b6648119e344035bde66
          Size/MD5 checksum:   345034 9ff6c816d7e97ed6c5ad0bae1e399c39
          Size/MD5 checksum:  2447228 6859f398dfc87427937c49327e1100d4

  Big endian MIPS architecture:

          Size/MD5 checksum:   861486 9c2f72a576c8dbdba86fc9a77abc053a
          Size/MD5 checksum:   134272 11b71d18b8909c78b4020f6107ab271e
          Size/MD5 checksum:  1536414 213eb32db439e80c012c8a5d5a40b42b
          Size/MD5 checksum:  1714128 cc75575b305b20884cfeb02faf756bb1
          Size/MD5 checksum:  3826698 54b6877358b09310f70c4ed4904ad99e
          Size/MD5 checksum:   345106 6fd5696caf0762c71259ec214bdc9146
          Size/MD5 checksum:  1681582 df0a9fcdc80b5885684ec12aea0c683b

  Little endian MIPS architecture:

          Size/MD5 checksum:   861548 35bd5a4bbfcc1c7ddbf582e8d064263f
          Size/MD5 checksum:   134468 61b299727ef2918e29971781840e7499
          Size/MD5 checksum:  1527816 391158af638344327b186b4ee778d211
          Size/MD5 checksum:  1708056 1fc6708d75015836f96bfa8ff1d903c6
          Size/MD5 checksum:  3710050 75c0fb7ef3b9a07ea3cca95675d06fa2
          Size/MD5 checksum:   345116 805a2ca25c5b57248b3f21412ecd979f
          Size/MD5 checksum:  1673676 6f3ef4a748e1a703bf92c5da8a2631cc

  PowerPC architecture:

          Size/MD5 checksum:   841884 88cafc03c5997e08840f95426408c89d
          Size/MD5 checksum:   136524 6aec5091c60835267a90e15a8c895207
          Size/MD5 checksum:  1447622 80c31af3c0c4069bde9a97b752c3849d
          Size/MD5 checksum:  1611484 6d6b6b0db0c78b64b77e7ec6ad7f05d2
          Size/MD5 checksum:  3982304 80dd36c211d5afa6ec9955ed45dadbdb
          Size/MD5 checksum:   345112 d2a04f508028e198a9c6340363c3dfbd
          Size/MD5 checksum:  1586774 d2f352dd71026a0d4e32f8dfab60b851

  IBM S/390 architecture:

          Size/MD5 checksum:   884036 be073e9c2ffce513729c899debf10cdf
          Size/MD5 checksum:   130306 fd6db02b490ea4e52e194c9f302da6ec
          Size/MD5 checksum:  1565678 90815bb6a3c3b724e2a12e19f45bde62
          Size/MD5 checksum:  1739724 286ebfdff522a7b33442b703324836fa
          Size/MD5 checksum:  4131780 4d58bef9651779a82c4422a132c299cd
          Size/MD5 checksum:   345040 d101698d0486d09f03f5e459b4b78000
          Size/MD5 checksum:  1708700 ea5d1db09bd3e93682c9074fc7dd88a6

  Sun Sparc architecture:

          Size/MD5 checksum:   778726 b744728a203c9db59fd524402fbc3790
          Size/MD5 checksum:   119604 47c0eb32e0bccbf494a2c6342c0f3936
          Size/MD5 checksum:  1391256 37fbe9b2727722e2d2048cb035cff08f
          Size/MD5 checksum:  1547784 ca26dfab45daf960b947793f243444fa
          Size/MD5 checksum:  3697216 ea5b1e30bd4b77ddb4b75238a694ce62
          Size/MD5 checksum:   345556 6f66832f1b9f7c41f7d6c4200b4a7329
          Size/MD5 checksum:  1523874 c78486f12cf98694ceafd8ec74805699


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp:  dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Debian: New xorg-server packages fix privilege escalation

Summary

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By
