-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  xorg-server (SSA:2010-240-06)

New xorg-server packages are available for Slackware 12.0, 12.1, 12.2, 13.0,
13.1, and -current to fix a security issue.


Here are the details from the Slackware 13.1 ChangeLog:
+--------------------------+
patches/packages/xorg-server-1.7.7-i486-2_slack13.1.txz:  Rebuilt.
  Patched to prevent overwriting stack memory and bypassing security mechanisms
  on systems that use a 2.6 Linux kernel.  Reported by Rafal Wojtczuk.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2240
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

HINT:  Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try.  This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating additional FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.

Updated packages for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-1.3.0.0-i486-3_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-xdmx-1.3.0.0-i486-3_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-xnest-1.3.0.0-i486-3_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-xvfb-1.3.0.0-i486-3_slack12.0.tgz

Updated packages for Slackware 12.1:

Updated packages for Slackware 12.2:

Updated packages for Slackware 13.0:

Updated packages for Slackware x86_64 13.0:

Updated packages for Slackware 13.1:

Updated packages for Slackware x86_64 13.1:

Updated packages for Slackware -current:

Updated packages for Slackware x86_64 -current:


MD5 signatures:
+-------------+

Slackware 12.0 packages:
948e4d6012f7c349be58318622941508  xorg-server-1.3.0.0-i486-3_slack12.0.tgz
c9d5f136423384d7a68f971992f6049f  xorg-server-xdmx-1.3.0.0-i486-3_slack12.0.tgz
bb3da6748a08c142c47633e642c7137d  xorg-server-xnest-1.3.0.0-i486-3_slack12.0.tgz
dfb6bdba04491ca4acb15fafd89638b2  xorg-server-xvfb-1.3.0.0-i486-3_slack12.0.tgz

Slackware 12.1 packages:
a8ab8b3976df8633257d65b3913b8883  xorg-server-1.4.2-i486-2_slack12.1.tgz
4fdf655f8fc4ffdd478a6c3981b0a6fd  xorg-server-xnest-1.4.2-i486-2_slack12.1.tgz
93e4c5e23fa6efc9a5c222da5edac3ba  xorg-server-xvfb-1.4.2-i486-2_slack12.1.tgz

Slackware 12.2 packages:
bcd28e761bb4adbf24dec715c49d297b  xorg-server-1.4.2-i486-2_slack12.2.tgz
25723efc09e09d915ebb36e1205d70b1  xorg-server-xnest-1.4.2-i486-2_slack12.2.tgz
d1c5206344d115c19f4349faa92a02a1  xorg-server-xvfb-1.4.2-i486-2_slack12.2.tgz

Slackware 13.0 packages:
dc4780c806670dd2b1bbf849f1de135a  xorg-server-1.6.3-i486-2_slack13.0.txz
3d7ecec9719e890d76f773f284dfe339  xorg-server-xephyr-1.6.3-i486-2_slack13.0.txz
67bd1e1772b5b56a3437b328a25b32d1  xorg-server-xnest-1.6.3-i486-2_slack13.0.txz
d6f8fd0392ded6db5d8a8a38a21aa0bd  xorg-server-xvfb-1.6.3-i486-2_slack13.0.txz

Slackware x86_64 13.0 packages:
dcba378af605ce9215b59f1c9b695765  xorg-server-1.6.3-x86_64-2_slack13.0.txz
471d08f7e17f1b00a27801d53ca7ac0e  xorg-server-xephyr-1.6.3-x86_64-2_slack13.0.txz
1ab068bc4ae868eb8474a37cae643c3f  xorg-server-xnest-1.6.3-x86_64-2_slack13.0.txz
ce6fff885eaeb0bacffed8de5bff696f  xorg-server-xvfb-1.6.3-x86_64-2_slack13.0.txz

Slackware 13.1 packages:
ea462ea066e90341443e135a34cc74e7  xorg-server-1.7.7-i486-2_slack13.1.txz
dd01a6d98fed4d0135aef3ba4434d713  xorg-server-xephyr-1.7.7-i486-2_slack13.1.txz
4650b8a0248c225172367c3a49c2b8ea  xorg-server-xnest-1.7.7-i486-2_slack13.1.txz
b28c1a2118f9e68c44e794d85d214c4b  xorg-server-xvfb-1.7.7-i486-2_slack13.1.txz

Slackware x86_64 13.1 packages:
5a94d24124740a99e4961c2511f40ae4  xorg-server-1.7.7-x86_64-2_slack13.1.txz
de80c9498875b726f46612f344223b98  xorg-server-xephyr-1.7.7-x86_64-2_slack13.1.txz
47c55a47f8c0d3fef964984cf35d7327  xorg-server-xnest-1.7.7-x86_64-2_slack13.1.txz
838b0c430f248e8f4db8ab7b2a310f90  xorg-server-xvfb-1.7.7-x86_64-2_slack13.1.txz

Slackware -current packages:
5d47df75439e8be839648d62dff8a067  x/xorg-server-1.7.7-i486-2.txz
5567692e94ab8d77e78a947aa6761dce  x/xorg-server-xephyr-1.7.7-i486-2.txz
0c3112b8b3de5dfa5546c4808b0fd1ab  x/xorg-server-xnest-1.7.7-i486-2.txz
c227768380dbfcf6e10e252b0ed63559  x/xorg-server-xvfb-1.7.7-i486-2.txz

Slackware x86_64 -current packages:
fd708c0e164edf215ed3c26f2ee37721  x/xorg-server-1.7.7-x86_64-2.txz
eab6cd91332a734466fd1b8f295d5842  x/xorg-server-xephyr-1.7.7-x86_64-2.txz
eac24a47e7906236c6cb4971a24f61d9  x/xorg-server-xnest-1.7.7-x86_64-2.txz
c9c3d50532fd43cabee7bfbea1cce0e1  x/xorg-server-xvfb-1.7.7-x86_64-2.txz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg xorg-server-*z


+-----+

Slackware: 2010-240-06: xorg-server Security Update

August 28, 2010
New xorg-server packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue

Summary

Here are the details from the Slackware 13.1 ChangeLog: patches/packages/xorg-server-1.7.7-i486-2_slack13.1.txz: Rebuilt. Patched to prevent overwriting stack memory and bypassing security mechanisms on systems that use a 2.6 Linux kernel. Reported by Rafal Wojtczuk. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2240 (* Security fix *)

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated packages for Slackware 12.0: ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-1.3.0.0-i486-3_slack12.0.tgz ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-xdmx-1.3.0.0-i486-3_slack12.0.tgz ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-xnest-1.3.0.0-i486-3_slack12.0.tgz ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-xvfb-1.3.0.0-i486-3_slack12.0.tgz
Updated packages for Slackware 12.1:
Updated packages for Slackware 12.2:
Updated packages for Slackware 13.0:
Updated packages for Slackware x86_64 13.0:
Updated packages for Slackware 13.1:
Updated packages for Slackware x86_64 13.1:
Updated packages for Slackware -current:
Updated packages for Slackware x86_64 -current:

MD5 Signatures

Slackware 12.0 packages: 948e4d6012f7c349be58318622941508 xorg-server-1.3.0.0-i486-3_slack12.0.tgz c9d5f136423384d7a68f971992f6049f xorg-server-xdmx-1.3.0.0-i486-3_slack12.0.tgz bb3da6748a08c142c47633e642c7137d xorg-server-xnest-1.3.0.0-i486-3_slack12.0.tgz dfb6bdba04491ca4acb15fafd89638b2 xorg-server-xvfb-1.3.0.0-i486-3_slack12.0.tgz
Slackware 12.1 packages: a8ab8b3976df8633257d65b3913b8883 xorg-server-1.4.2-i486-2_slack12.1.tgz 4fdf655f8fc4ffdd478a6c3981b0a6fd xorg-server-xnest-1.4.2-i486-2_slack12.1.tgz 93e4c5e23fa6efc9a5c222da5edac3ba xorg-server-xvfb-1.4.2-i486-2_slack12.1.tgz
Slackware 12.2 packages: bcd28e761bb4adbf24dec715c49d297b xorg-server-1.4.2-i486-2_slack12.2.tgz 25723efc09e09d915ebb36e1205d70b1 xorg-server-xnest-1.4.2-i486-2_slack12.2.tgz d1c5206344d115c19f4349faa92a02a1 xorg-server-xvfb-1.4.2-i486-2_slack12.2.tgz
Slackware 13.0 packages: dc4780c806670dd2b1bbf849f1de135a xorg-server-1.6.3-i486-2_slack13.0.txz 3d7ecec9719e890d76f773f284dfe339 xorg-server-xephyr-1.6.3-i486-2_slack13.0.txz 67bd1e1772b5b56a3437b328a25b32d1 xorg-server-xnest-1.6.3-i486-2_slack13.0.txz d6f8fd0392ded6db5d8a8a38a21aa0bd xorg-server-xvfb-1.6.3-i486-2_slack13.0.txz
Slackware x86_64 13.0 packages: dcba378af605ce9215b59f1c9b695765 xorg-server-1.6.3-x86_64-2_slack13.0.txz 471d08f7e17f1b00a27801d53ca7ac0e xorg-server-xephyr-1.6.3-x86_64-2_slack13.0.txz 1ab068bc4ae868eb8474a37cae643c3f xorg-server-xnest-1.6.3-x86_64-2_slack13.0.txz ce6fff885eaeb0bacffed8de5bff696f xorg-server-xvfb-1.6.3-x86_64-2_slack13.0.txz
Slackware 13.1 packages: ea462ea066e90341443e135a34cc74e7 xorg-server-1.7.7-i486-2_slack13.1.txz dd01a6d98fed4d0135aef3ba4434d713 xorg-server-xephyr-1.7.7-i486-2_slack13.1.txz 4650b8a0248c225172367c3a49c2b8ea xorg-server-xnest-1.7.7-i486-2_slack13.1.txz b28c1a2118f9e68c44e794d85d214c4b xorg-server-xvfb-1.7.7-i486-2_slack13.1.txz
Slackware x86_64 13.1 packages: 5a94d24124740a99e4961c2511f40ae4 xorg-server-1.7.7-x86_64-2_slack13.1.txz de80c9498875b726f46612f344223b98 xorg-server-xephyr-1.7.7-x86_64-2_slack13.1.txz 47c55a47f8c0d3fef964984cf35d7327 xorg-server-xnest-1.7.7-x86_64-2_slack13.1.txz 838b0c430f248e8f4db8ab7b2a310f90 xorg-server-xvfb-1.7.7-x86_64-2_slack13.1.txz
Slackware -current packages: 5d47df75439e8be839648d62dff8a067 x/xorg-server-1.7.7-i486-2.txz 5567692e94ab8d77e78a947aa6761dce x/xorg-server-xephyr-1.7.7-i486-2.txz 0c3112b8b3de5dfa5546c4808b0fd1ab x/xorg-server-xnest-1.7.7-i486-2.txz c227768380dbfcf6e10e252b0ed63559 x/xorg-server-xvfb-1.7.7-i486-2.txz
Slackware x86_64 -current packages: fd708c0e164edf215ed3c26f2ee37721 x/xorg-server-1.7.7-x86_64-2.txz eab6cd91332a734466fd1b8f295d5842 x/xorg-server-xephyr-1.7.7-x86_64-2.txz eac24a47e7906236c6cb4971a24f61d9 x/xorg-server-xnest-1.7.7-x86_64-2.txz c9c3d50532fd43cabee7bfbea1cce0e1 x/xorg-server-xvfb-1.7.7-x86_64-2.txz

Severity
[slackware-security] xorg-server (SSA:2010-240-06)
New xorg-server packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue.

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg xorg-server-*z

Related News

21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned
1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved