lp:ubuntu/dapper-security/xorg-server

Created by James Westby on 2010-02-22 and last modified on 2010-02-22
Get this branch:
bzr branch lp:ubuntu/dapper-security/xorg-server
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

27. By Bryce Harrington on 2008-06-11

 * Fix multiple security issues:
   + CVE-2008-2360 - RENDER Extension heap buffer overflow
   + CVE-2008-2361 - RENDER Extension crash
   + CVE-2008-2362 - RENDER Extension memory corruption
   + CVE-2008-1379 - MIT-SHM arbitrary memory read
   + CVE-2008-1377 - RECORD and Security extensions memory corruption

26. By Kees Cook on 2008-01-18

* SECURITY UPDATE: multiple memory corruption flaws.
* Re-applied security patches from 1:1.0.2-0ubuntu10.8.
* Updated fix_CVE-2007-6429.dpatch: upstream fixes for bbp < 8
  crash regressions.
* References
  http://gitweb.freedesktop.org/?p=xorg/xserver.git;a=commitdiff;h=e9fa7c1c88a8130a48f772c92b186b8b777986b5

25. By Timo Aaltonen on 2008-01-18

Revert previous security update since it causes severe regressions.
(LP: #183969)

24. By Kees Cook on 2008-01-17

* SECURITY UPDATE: multiple memory corruption flaws.
* Added fix_CVE-2007-5958.dpatch: upstream fix from Matthieu Herrb.
* Added fix_CVE-2007-5760.dpatch: backported upstream fixes
  (bbde5b62a137ba726a747b838d81e92d72c1b42b) for XFree86 Misc extension out
  of bounds array index.
* Added fix_CVE-2007-6427.dpatch: backported upstream fixes
  (dd5e0f5cd5f3a87fee86d99c073ffa7cf89b0a27) for Xinput extension memory
  corruption.
* Added fix_CVE-2007-6428.dpatch: backported upstream fixes
  (7dc1717ff0f96b99271a912b8948dfce5164d5ad) for TOG-cup extension memory
  corruption.
* Added fix_CVE-2007-6429.dpatch: backported upstream fixes
  (6de61f82728df22ea01f9659df6581b87f33f11d) for MIT-SHM and EVI extensions
  integer overflows.
* Added fix_CVE-2008-0006.dpatch: backported upstream fixes
  (8e133d96740d010a4fd969a8188e6e71fb2cafe2) for PCF Font parser buffer
  overflow.

23. By Kees Cook on 2007-09-18

* SECURITY UPDATE: local root code execution via heap buffer overflow in
  Composite extension.
* Add debian/patches/995_composite_copy_overflow.dpatch: upstream fixes.
* References
  CVE-2007-4730

22. By Kees Cook on 2007-03-29

* SECURITY UPDATE: arbitrary code execution with root privileges via
  integer overflows in MISC-XC.
* Add debian/patches/994_misc_xc_overflows.dpatch: upstream fixes.
* References
  CVE-2007-1003

21. By Kees Cook on 2007-01-08

* SECURITY UPDATE: Arbitrary code execution with root privileges via heap
  overflows in DBE and Render extensions.
* Add 'debian/patches/993_ubuntu_dbe-render_overflows.dpatch' from upstream
* References
  CVE-2006-6101 CVE-2006-6102 CVE-2006-6103

20. By Paul Sladen on 2006-05-14

Backport a fix for Intel bridge handling:
debian/patches/002_fix_for_certain_intel_chipsets.patch
(Closes Ubuntu: #29880)

19. By Fabio Massimo Di Nitto on 2006-05-05

Add 1680x1050 60 and 85Hz Modelines. Thanks to Bart Verwilst for the data.
(Closes Ubuntu: #6096)

18. By Fabio Massimo Di Nitto on 2006-05-03

* Fix "XCB rendertest crashes server":
  - Add patch 001-CVE-2006-1526.patch.dpatch.
(CVE-2006-1526)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/lucid/xorg-server
This branch contains Public information 
Everyone can see this information.

Subscribers