[USN-514-1] X.org vulnerability
Date: Tue, 18 Sep 2007 18:03:23 -0700
From: Kees Cook <kees@ubuntu.com.>
To: [email protected]
Subject: [USN-514-1] X.org vulnerability
Message-ID: <20070919010323.GI17546@outflux.net.>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="uRjmd8ppyyws0Tml"
Content-Disposition: inline
Organization: Ubuntu
X-MIMEDefang-Filter: outflux$Revision: 1.299 $
X-HELO: gorgon.outflux.net
X-Scanned-By: MIMEDefang 2.57 on 10.2.0.1
X-Virus-Scanned: antivirus-gw at tyumen.ru
--uRjmd8ppyyws0Tml
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=20
Ubuntu Security Notice USN-514-1 September 18, 2007
xorg-server vulnerability
CVE-2007-4730
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
xserver-xorg-core 1:1.0.2-0ubuntu10.7
After a standard system upgrade you need to restart your session to affect
the necessary changes.
Details follow:
Aaron Plattner discovered that the Composite extension did not correctly
calculate the size of buffers when copying between different bit depths.
An authenticated user could exploit this to execute arbitrary code with
root privileges.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1=
=2E0.2-0ubuntu10.7.diff.gz
Size/MD5: 32472 6a6d37635fc4ea64383125476f12125f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1=
=2E0.2-0ubuntu10.7.dsc
Size/MD5: 1804 721150a166cc2624006d393b50b7efdd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1=
=2E0.2.orig.tar.gz
Size/MD5: 7966941 f44f0f07136791ed7a4028bd0dd5eae3
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0=
ubuntu10.7_amd64.deb
Size/MD5: 1414612 b040adf842f4808332b1c2ae9398fd35
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-=
core_1.0.2-0ubuntu10.7_amd64.deb
Size/MD5: 4048390 34e71f9f1dc217e59defadaf11005c9d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-=
dev_1.0.2-0ubuntu10.7_amd64.deb
Size/MD5: 294578 53bd2b029db77a964f95740f9b156476
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0u=
buntu10.7_amd64.deb
Size/MD5: 1564722 2097c92c355d4353a035c7c70063b937
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tool=
s_1.0.2-0ubuntu10.7_amd64.deb
Size/MD5: 49962 3bc71c9ae003ab40f1b79488278994d1
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.=
2-0ubuntu10.7_amd64.deb
Size/MD5: 849026 3347c6029df6a0e39d3f71e4691f4760
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0=
ubuntu10.7_i386.deb
Size/MD5: 1241798 eecebed99b8d63b9b7caa562a228638f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-=
core_1.0.2-0ubuntu10.7_i386.deb
Size/MD5: 3531696 a5c73e04b5f17546deb0dd688dfe2743
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-=
dev_1.0.2-0ubuntu10.7_i386.deb
Size/MD5: 294620 aa2bc63cf7effea51e6867a8d866c508
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0u=
buntu10.7_i386.deb
Size/MD5: 1382916 30246f435cc61b20243bea831673a3c3
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tool=
s_1.0.2-0ubuntu10.7_i386.deb
Size/MD5: 42502 8d0e1cd2999487dd86a67082ca04e4c1
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.=
2-0ubuntu10.7_i386.deb
Size/MD5: 748778 129c73ea8525ba80211c5ba2dab196ee
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0=
ubuntu10.7_powerpc.deb
Size/MD5: 1368488 89e2dfd7dd992227131fc34786068797
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-=
core_1.0.2-0ubuntu10.7_powerpc.deb
Size/MD5: 4076120 5ed11b5c4784173687107fa13762928f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-=
dev_1.0.2-0ubuntu10.7_powerpc.deb
Size/MD5: 294634 071a6282d870a46df34f3fa13466eaa3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0u=
buntu10.7_powerpc.deb
Size/MD5: 1506792 97b2fc49134d81c1956cb21e15b2292b
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tool=
s_1.0.2-0ubuntu10.7_powerpc.deb
Size/MD5: 55218 bd239e1bd4ff9a6700569fcf9f8e5826
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.=
2-0ubuntu10.7_powerpc.deb
Size/MD5: 825392 120bb955450c27103b72174be816ad09
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0=
ubuntu10.7_sparc.deb
Size/MD5: 1313534 b8d8b442473a36f3df11ba6c11132b86
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-=
core_1.0.2-0ubuntu10.7_sparc.deb
Size/MD5: 3789634 d44baec0b8f7b1f2b7de12eecc4f11ef
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-=
dev_1.0.2-0ubuntu10.7_sparc.deb
Size/MD5: 295044 e64f3fa2265dd31ad60e126e9d5fb33b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0u=
buntu10.7_sparc.deb
Size/MD5: 1445910 48715a64bdd21fa226d482a11fb9542d
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tool=
s_1.0.2-0ubuntu10.7_sparc.deb
Size/MD5: 43944 64852f714a49d1fce9c070ccc7598623
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.=
2-0ubuntu10.7_sparc.deb
Size/MD5: 758650 2eb14130350612ee86f3a6dbe4b462bc
--uRjmd8ppyyws0Tml
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFG8HVbH/9LqRcGPm0RAidzAJ4uQVhksKOz3BvhdL5IerF00fajqACeJIIo
v4nPGAVMm4QSKQVy5Nk+zEk=
=qWhG
-----END PGP SIGNATURE-----
--uRjmd8ppyyws0Tml--