[ MDVSA-2008:116 ] - Updated x11-server packages fix several

Mandrivan turvallisuustiedotteiden tuoreimmat
Viestiketju on lukittu

[ MDVSA-2008:116 ] - Updated x11-server packages fix several

Uusi viestiKirjoittaja dude67 » 17 Kesä 2008, 07:01

Updated x11-server packages fix several vulnerabilities

An input validation flaw was found in X.org's Security and Record
extensions. A malicious authorized client could exploit the issue
to cause a denial of service (crash) or possibly execute arbitrary
code with root privileges on the X.org server (CVE-2008-1377).

An input validation flaw was found in X.org's MIT-SHM extension.
A client connected to the X.org server could read arbitrary server
memory, resulting in the disclosure of sensitive data of other users
of the X.org server (CVE-2008-1379).

Multiple integer overflows were found in X.org's Render extension.
A malicious authorized client could explot these issues to cause a
denial of service (crash) or possibly execute arbitrary code with
root privileges on the X.org server (CVE-2008-2360, CVE-2008-2361,
CVE-2008-2362).

In addition, this update corrects a problem that could cause memory
corruption or segfaults in the render code of the vnc server on
Mandriva Linux 2008.1

The updated packages have been patched to prevent these issues.
Kuva
1. Mageia-1 KDE4 x86_64 (& Win7 Pro) | desktop
2. Mageia-2 KDE4 (& Win7 Home Premium) | laptop Acer 7530
3. Mageia-1 KDE4 (& Win7 Starter) | Samsung NC-10 miniläppäri
4. Mageia-1 KDE4 | serverinä toimiva desktop
Luotettavaa Linux käyttöä jo Mandriva 2006.0:sta lähtien :)
Avatar
dude67
Site Admin
 
Viestit: 2256
Liittynyt: 27 Syys 2007, 16:58
Paikkakunta: Espoo
Ylös
Viestiketju on lukittu

Paluu Mandrivan turvallisuustiedotteet

Paikallaolijat

Käyttäjiä lukemassa tätä aluetta: Ei rekisteröityneitä käyttäjiä ja 49 vierailijaa

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Käännös, Lurttinen, www.phpbbsuomi.com
cron