Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Slackware: 2013-109-01 Low Severity: Input Leak Fix for Xorg-Server

slackware
Calendar Grey April 19, 2013
Dist Slackware Esm H88
Updated xorg-server distributions for Slackware address a vulnerability related to input flushing, bolstering overall system safety and robustness.
New xorg-server packages are available for Slackware 13.37, 14.0, and -current to fix a security issue

Summary

Here are the details from the Slackware 14.0 ChangeLog: patches/packages/xorg-server-1.12.4-i486-1_slack14.0.txz: Upgraded. This update fixes an input flush bug with evdev. Under exceptional conditions (keyboard input during device hotplugging), this could leak a small amount of information intended for the X server. This issue was evaluated to be of low impact. For more information, see: https://www.cve.org/CVERecord?id=CVE-2013-1940 https://lists.x.org/archives/xorg-devel/2013-April/036014.html (* Security fix *) patches/packages/xorg-server-xephyr-1.12.4-i486-1_slack14.0.txz: Upgraded. patches/packages/xorg-server-xnest-1.12.4-i486-1_slack14.0.txz: Upgraded. patches/packages/xorg-server-xvfb-1.12.4-i486-1_slack14.0.txz: Upgraded.

Topics%20covered

Topics Covered

security advisory security fix slackware low severity xorg-server input leak

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated packages for Slackware 13.37:
Updated packages for Slackware x86_64 13.37:
Updated packages for Slackware 14.0:
Updated packages for Slackware x86_64 14.0:
Updated packages for Slackware -current:
Updated packages for Slackware x86_64 -current:

MD5 Signatures

Slackware 13.37 packages: f9fb8302617c3adbe6b990f69b50ea41 xorg-server-1.9.5-i486-2_slack13.37.txz e0e6633d916062a0ff5d6399e8ee37dc xorg-server-xephyr-1.9.5-i486-2_slack13.37.txz a2ad861a624d7c023b15ad6d1619f006 xorg-server-xnest-1.9.5-i486-2_slack13.37.txz 2fe18a301cb3347bac78b5566539e4ca xorg-server-xvfb-1.9.5-i486-2_slack13.37.txz
Slackware x86_64 13.37 packages: 1dd0651df7a8fe40dce1036cbe811e31 xorg-server-1.9.5-x86_64-2_slack13.37.txz 80d02ea8a865deddcf93151d9da7f52b xorg-server-xephyr-1.9.5-x86_64-2_slack13.37.txz 9de55c8b950f8a09e3a22eebf8a6ce7f xorg-server-xnest-1.9.5-x86_64-2_slack13.37.txz 3df6413ba79b5c4068ce1bdb0b9d86c8 xorg-server-xvfb-1.9.5-x86_64-2_slack13.37.txz
Slackware 14.0 packages: f6051eb053f3cf3b97324d74af408e3e xorg-server-1.12.4-i486-1_slack14.0.txz 8d3b5a4458277050a2e3013f6e4875fe xorg-server-xephyr-1.12.4-i486-1_slack14.0.txz 7adecd324f0fc4f5528a0d72d7c9fca8 xorg-server-xnest-1.12.4-i486-1_slack14.0.txz ccf8cae6dfdad7a928415242a57391b1 xorg-server-xvfb-1.12.4-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 5a999e26b7c286ae4515035d68e82b19 xorg-server-1.12.4-x86_64-1_slack14.0.txz 6b33ee07cd8888165aa30e1a15fb9b75 xorg-server-xephyr-1.12.4-x86_64-1_slack14.0.txz aa2917f89f0a199cc4fd4dd085094a5c xorg-server-xnest-1.12.4-x86_64-1_slack14.0.txz a1d2ca5a38f2c7a910277ed1005abce0 xorg-server-xvfb-1.12.4-x86_64-1_slack14.0.txz
Slackware -current packages: c269e97968334d26ac0fa5f45fe25ac5 x/xorg-server-1.13.4-i486-1.txz 29f0e8a979a1fc68c141db19b26f9708 x/xorg-server-xephyr-1.13.4-i486-1.txz 1224479b75d3ff1c09d1d6c05e0dfe9c x/xorg-server-xnest-1.13.4-i486-1.txz 78ac6ada62c02737a9351832a5729da1 x/xorg-server-xvfb-1.13.4-i486-1.txz
Slackware x86_64 -current packages: 99127697f8f70d96d7c7d8db3d01cc8a x/xorg-server-1.13.4-x86_64-1.txz 519c1ac7a59489baa8512e5a945cd672 x/xorg-server-xephyr-1.13.4-x86_64-1.txz 490bac5b05c3552961e976bcee6c875a x/xorg-server-xnest-1.13.4-x86_64-1.txz 5035d8299a7a63be00be8ec2e6d2bc7c x/xorg-server-xvfb-1.13.4-x86_64-1.txz

Severity
low
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory security fix slackware low severity xorg-server input leak

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg xorg-server-1.12.4-i486-1_slack14.0.txz xorg-server-xephyr-1.12.4-i486-1_slack14.0.txz xorg-server-xnest-1.12.4-i486-1_slack14.0.txz xorg-server-xvfb-1.12.4-i486-1_slack14.0.txz

Related News

Your message here