lp:ubuntu/dapper-security/xorg-server
- Get this branch:
- bzr branch lp:ubuntu/dapper-security/xorg-server
Branch merges
Branch information
Recent revisions
- 27. By Bryce Harrington
-
* Fix multiple security issues:
+ CVE-2008-2360 - RENDER Extension heap buffer overflow
+ CVE-2008-2361 - RENDER Extension crash
+ CVE-2008-2362 - RENDER Extension memory corruption
+ CVE-2008-1379 - MIT-SHM arbitrary memory read
+ CVE-2008-1377 - RECORD and Security extensions memory corruption - 26. By Kees Cook
-
* SECURITY UPDATE: multiple memory corruption flaws.
* Re-applied security patches from 1:1.0.2-0ubuntu10. 8.
* Updated fix_CVE-2007-6429. dpatch: upstream fixes for bbp < 8
crash regressions.
* References
http://gitweb. freedesktop. org/?p= xorg/xserver. git;a=commitdif f;h=e9fa7c1c88a 8130a48f772c92b 186b8b777986b5 - 25. By Timo Aaltonen
-
Revert previous security update since it causes severe regressions.
(LP: #183969) - 24. By Kees Cook
-
* SECURITY UPDATE: multiple memory corruption flaws.
* Added fix_CVE-2007-5958. dpatch: upstream fix from Matthieu Herrb.
* Added fix_CVE-2007-5760. dpatch: backported upstream fixes
(bbde5b62a137ba726a747b838d8 1e92d72c1b42b) for XFree86 Misc extension out
of bounds array index.
* Added fix_CVE-2007-6427. dpatch: backported upstream fixes
(dd5e0f5cd5f3a87fee86d99c073 ffa7cf89b0a27) for Xinput extension memory
corruption.
* Added fix_CVE-2007-6428. dpatch: backported upstream fixes
(7dc1717ff0f96b99271a912b894 8dfce5164d5ad) for TOG-cup extension memory
corruption.
* Added fix_CVE-2007-6429. dpatch: backported upstream fixes
(6de61f82728df22ea01f9659df6 581b87f33f11d) for MIT-SHM and EVI extensions
integer overflows.
* Added fix_CVE-2008-0006. dpatch: backported upstream fixes
(8e133d96740d010a4fd969a8188 e6e71fb2cafe2) for PCF Font parser buffer
overflow. - 23. By Kees Cook
-
* SECURITY UPDATE: local root code execution via heap buffer overflow in
Composite extension.
* Add debian/patches/ 995_composite_ copy_overflow. dpatch: upstream fixes.
* References
CVE-2007-4730 - 22. By Kees Cook
-
* SECURITY UPDATE: arbitrary code execution with root privileges via
integer overflows in MISC-XC.
* Add debian/patches/ 994_misc_ xc_overflows. dpatch: upstream fixes.
* References
CVE-2007-1003 - 21. By Kees Cook
-
* SECURITY UPDATE: Arbitrary code execution with root privileges via heap
overflows in DBE and Render extensions.
* Add 'debian/patches/ 993_ubuntu_ dbe-render_ overflows. dpatch' from upstream
* References
CVE-2006-6101 CVE-2006-6102 CVE-2006-6103 - 20. By Paul Sladen
-
Backport a fix for Intel bridge handling:
debian/patches/ 002_fix_ for_certain_ intel_chipsets. patch
(Closes Ubuntu: #29880) - 19. By Fabio Massimo Di Nitto
-
Add 1680x1050 60 and 85Hz Modelines. Thanks to Bart Verwilst for the data.
(Closes Ubuntu: #6096) - 18. By Fabio Massimo Di Nitto
-
* Fix "XCB rendertest crashes server":
- Add patch 001-CVE-2006-1526. patch.dpatch.
(CVE-2006-1526)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/xorg-server