--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-10336
2015-06-20 13:45:08
--------------------------------------------------------------------------------
Name : xorg-x11-server
Product : Fedora 22
Version : 1.17.2
Release : 1.fc22
URL : https://www.x.org/wiki/
Summary : X.Org X11 X server
Description :
X.Org X11 X server
--------------------------------------------------------------------------------
Update Information:
Upstream stable release of xserver 1.17.2
fix bug with glamor and overlapping copies
(CVE-2015-3164) Due to an omission in authentication setup, the XWayland server would start up in non-authenticating mode, meaning that any client with access to the server's UNIX socket was able to connect to the server and use it as a regular client. https://lists.freedesktop.org/archives/wayland-devel/2015-June/022548.html
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 16 2015 Adam Jackson 1.17.2-1
- xserver 1.17.2
* Tue Jun 16 2015 Dave Airlie 1.17.1-16
- fix bug with glamor and overlapping copies
* Wed Jun 10 2015 Ray Strode 1.17.1-15
- CVE-2015-3164
* Tue May 26 2015 Peter Hutterer 1.17.1-14
- Add the unaccelerated valuator masks, fixes nonmoving mouse in SDL
(#1208992)
* Wed May 20 2015 Kalev Lember - 1.17.1-13
- Obsolete xorg-x11-drv-void
* Tue May 19 2015 Hans de Goede - 1.17.1-12
- Fix "start -- vt7" not working fix breaking headless setups (#1203780)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1232131 - CVE-2015-3164 xorg-x11-server: Xwayland allows unconditional open access to display [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1232131
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update xorg-x11-server' at the command line.
For more information, refer to "Managing Software with yum",
available at .
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------