Ubuntu
xorg-server package

lp:ubuntu/dapper-security/xorg-server

Dapper (6.06)
dapper-security

Created by James Westby on 2010-02-22 and last modified on 2010-02-22

Get this branch:: bzr branch lp:ubuntu/dapper-security/xorg-server

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

27. By Bryce Harrington on 2008-06-11: * Fix multiple security issues:
   + CVE-2008-2360 - RENDER Extension heap buffer overflow
   + CVE-2008-2361 - RENDER Extension crash
   + CVE-2008-2362 - RENDER Extension memory corruption
   + CVE-2008-1379 - MIT-SHM arbitrary memory read
   + CVE-2008-1377 - RECORD and Security extensions memory corruption
26. By Kees Cook on 2008-01-18: * SECURITY UPDATE: multiple memory corruption flaws.
* Re-applied security patches from 1:1.0.2-0ubuntu10.8.
* Updated fix_CVE-2007-6429.dpatch: upstream fixes for bbp < 8
crash regressions.
* References
http://gitweb.freedesktop.org/?p=xorg/xserver.git;a=commitdiff;h=e9fa7c1c88a8130a48f772c92b186b8b777986b5
25. By Timo Aaltonen on 2008-01-18: Revert previous security update since it causes severe regressions.
(LP: #183969)
24. By Kees Cook on 2008-01-17: * SECURITY UPDATE: multiple memory corruption flaws.
* Added fix_CVE-2007-5958.dpatch: upstream fix from Matthieu Herrb.
* Added fix_CVE-2007-5760.dpatch: backported upstream fixes
  (bbde5b62a137ba726a747b838d81e92d72c1b42b) for XFree86 Misc extension out
  of bounds array index.
* Added fix_CVE-2007-6427.dpatch: backported upstream fixes
  (dd5e0f5cd5f3a87fee86d99c073ffa7cf89b0a27) for Xinput extension memory
  corruption.
* Added fix_CVE-2007-6428.dpatch: backported upstream fixes
  (7dc1717ff0f96b99271a912b8948dfce5164d5ad) for TOG-cup extension memory
  corruption.
* Added fix_CVE-2007-6429.dpatch: backported upstream fixes
  (6de61f82728df22ea01f9659df6581b87f33f11d) for MIT-SHM and EVI extensions
  integer overflows.
* Added fix_CVE-2008-0006.dpatch: backported upstream fixes
  (8e133d96740d010a4fd969a8188e6e71fb2cafe2) for PCF Font parser buffer
  overflow.
23. By Kees Cook on 2007-09-18: * SECURITY UPDATE: local root code execution via heap buffer overflow in
Composite extension.
* Add debian/patches/995_composite_copy_overflow.dpatch: upstream fixes.
* References
CVE-2007-4730
22. By Kees Cook on 2007-03-29: * SECURITY UPDATE: arbitrary code execution with root privileges via
integer overflows in MISC-XC.
* Add debian/patches/994_misc_xc_overflows.dpatch: upstream fixes.
* References
CVE-2007-1003
21. By Kees Cook on 2007-01-08: * SECURITY UPDATE: Arbitrary code execution with root privileges via heap
overflows in DBE and Render extensions.
* Add 'debian/patches/993_ubuntu_dbe-render_overflows.dpatch' from upstream
* References
CVE-2006-6101 CVE-2006-6102 CVE-2006-6103
20. By Paul Sladen on 2006-05-14: Backport a fix for Intel bridge handling:
debian/patches/002_fix_for_certain_intel_chipsets.patch
(Closes Ubuntu: #29880)
19. By Fabio Massimo Di Nitto on 2006-05-05: Add 1680x1050 60 and 85Hz Modelines. Thanks to Bart Verwilst for the data.
(Closes Ubuntu: #6096)
18. By Fabio Massimo Di Nitto on 2006-05-03: * Fix "XCB rendertest crashes server":
- Add patch 001-CVE-2006-1526.patch.dpatch.
(CVE-2006-1526)

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/lucid/xorg-server

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntuxorg-server package