Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Slackware 14.2 SSA:2017-279-03 Moderate: Xorg-Server Security Issue

slackware
Calendar Grey October 6, 2017
Dist Slackware Esm H88
Updated xorg-server versions for Slackware address significant vulnerabilities and enhance overall system reliability.
New xorg-server packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues

Summary

Here are the details from the Slackware 14.2 ChangeLog: patches/packages/xorg-server-1.18.3-i586-4_slack14.2.txz: Rebuilt. This update fixes two security issues: Xext/shm: Validate shmseg resource id, otherwise it can belong to a non-existing client and abort X server with FatalError "client not in use", or overwrite existing segment of another existing client. Generating strings for XKB data used a single shared static buffer, which offered several opportunities for errors. Use a ring of resizable buffers instead, to avoid problems when strings end up longer than anticipated. For more information, see: https://www.cve.org/CVERecord?id=CVE-2017-13721 https://www.cve.org/CVERecord?id=CVE-2017-13723 (* Security fix *) patches/packages/xorg-server-xephyr-1.18.3-i586-4_slack14.2.txz: Rebuilt. patches/packages/xorg-server-xnest-1.18.3-i586-4_slack14.2.txz: Rebuilt. patches/packages/xorg-server-xvfb-1.18.3-i586-4_slack14.2.txz: Rebuilt.

Topics%20covered

Topics Covered

security advisory moderate critical issue security fix slackware system stability xorg-server

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated packages for Slackware 14.0:
Updated packages for Slackware x86_64 14.0:
Updated packages for Slackware 14.1:
Updated packages for Slackware x86_64 14.1:
Updated packages for Slackware 14.2:
Updated packages for Slackware x86_64 14.2:
Updated packages for Slackware -current:
Updated packages for Slackware x86_64 -current:

MD5 Signatures

Slackware 14.0 packages: 7992d91e05b7888845f3a3c75194ca4e xorg-server-1.12.4-i486-4_slack14.0.txz 0701a7bb89d14c0eb04e0f20bfc2eb5c xorg-server-xephyr-1.12.4-i486-4_slack14.0.txz 7246c52a663c0e14bb73814f6ef8a0f4 xorg-server-xnest-1.12.4-i486-4_slack14.0.txz d7dcf92cfe38f890e0801e0dc7b1247c xorg-server-xvfb-1.12.4-i486-4_slack14.0.txz
Slackware x86_64 14.0 packages: f1629560ee97f40e77caf09936e3901d xorg-server-1.12.4-x86_64-4_slack14.0.txz 1e43220cca3b7bff7323985557d2d9f4 xorg-server-xephyr-1.12.4-x86_64-4_slack14.0.txz 0b7deb02ac2a65a5bf5c626781de7115 xorg-server-xnest-1.12.4-x86_64-4_slack14.0.txz a7b1e5a61e140dd773de748e8798a669 xorg-server-xvfb-1.12.4-x86_64-4_slack14.0.txz
Slackware 14.1 packages: dd9c442c38ce7907ebe3ce4c03f550ea xorg-server-1.14.3-i486-5_slack14.1.txz b5080cc5047fd311fa66c100117ce84d xorg-server-xephyr-1.14.3-i486-5_slack14.1.txz d85416e48fe4bda5a573b23c820cdb4f xorg-server-xnest-1.14.3-i486-5_slack14.1.txz 90980d1f2335fb6efe33d0c717e80b72 xorg-server-xvfb-1.14.3-i486-5_slack14.1.txz
Slackware x86_64 14.1 packages: f06a124a5452df626e8537938ff42377 xorg-server-1.14.3-x86_64-5_slack14.1.txz e1e1fa0c7989b8b1aae5989f29b730b0 xorg-server-xephyr-1.14.3-x86_64-5_slack14.1.txz a0830913185532efe2f8d42d2cd7b703 xorg-server-xnest-1.14.3-x86_64-5_slack14.1.txz 31ee2a54dfb2dfb4ef165455994e943d xorg-server-xvfb-1.14.3-x86_64-5_slack14.1.txz
Slackware 14.2 packages: b1309bf76678749b0f353ab786eac4f9 xorg-server-1.18.3-i586-4_slack14.2.txz b3e4de152de501ef28d0d638f2c63ca0 xorg-server-xephyr-1.18.3-i586-4_slack14.2.txz 325aee76a2fb475b5d2b85a923db5c75 xorg-server-xnest-1.18.3-i586-4_slack14.2.txz 78e3e9a598888d6a0971744fd734687c xorg-server-xvfb-1.18.3-i586-4_slack14.2.txz
Slackware x86_64 14.2 packages: a62e18070d91f19da8d847de732a0a92 xorg-server-1.18.3-x86_64-4_slack14.2.txz f701943b0097def2d5ca527916220c94 xorg-server-xephyr-1.18.3-x86_64-4_slack14.2.txz aa56252779925f47f2174c2792e14ade xorg-server-xnest-1.18.3-x86_64-4_slack14.2.txz 507ff04d45b120df461d9c24b0df1cbd xorg-server-xvfb-1.18.3-x86_64-4_slack14.2.txz
Slackware -current packages: 386ba989276aafd4d0c0c1e6cf991a0d x/xorg-server-1.19.4-i586-1.txz 37523585a8551808cc674eaa321636df x/xorg-server-xephyr-1.19.4-i586-1.txz 47e6944988f69a709a1c72792ae1c998 x/xorg-server-xnest-1.19.4-i586-1.txz 02e911fc786cac11d70c6273db25c628 x/xorg-server-xvfb-1.19.4-i586-1.txz
Slackware x86_64 -current packages: 1ccb0221b7603c4db7f8d16ebb3fd027 x/xorg-server-1.19.4-x86_64-1.txz e2498dbbd9775508681ee7b6fdf1992b x/xorg-server-xephyr-1.19.4-x86_64-1.txz a0550c5d304dedb5fa9a631f7508f399 x/xorg-server-xnest-1.19.4-x86_64-1.txz 9290dd947843f9611af59d1a7814923a x/xorg-server-xvfb-1.19.4-x86_64-1.txz

Severity
important
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory moderate critical issue security fix slackware system stability xorg-server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg xorg-server-*.txz

Related News

Your message here