lp:ubuntu/hoary-security/xorg
- Get this branch:
- bzr branch lp:ubuntu/hoary-security/xorg
Branch merges
Branch information
Recent revisions
- 6. By Martin Pitt
-
* SECURITY UPDATE: Root privilege escalation with crafted Type1 CID fonts.
* Add debian/patches/ 204_cid_ int_overflows. diff:
- lib/font/Type1/afm. c: Fix integer overflow in CIDAFM(). [CVE-2006-3739]
- lib/font/Type1/scanfont. c: Fix integer overflow in scan_cidfont().
[CVE-2006-3740] - 5. By Martin Pitt
-
* SECURITY UPDATE: DoS (X server crash) and possible root privilege escalation.
* Add debian/patches/ 203_pcf_ int_overflows. diff:
- lib/font/bitmap/ pcfread. c: Check for integer overflows when parsing PCF
font files to prevent exploitable buffer overflow.
- Patch taken from upstream git:
http://gitweb. freedesktop. org/?p= xorg/lib/ libXfont. git;a=commit; h=8d171fe61e564 d8ed8f75034d419 1062cecf190b
* CVE-2006-3467 - 4. By Martin Pitt
-
* SECURITY UPDATE: Arbitrary code execution with root privileges.
* Add debian/patches/ 200_render_ triangle_ alloc.diff:
- Fix typo in triangle ALLOCATE_LOCAL call (n & size -> n * size).
- Add a check for integer overflow.
* CVE-2006-1526 - 3. By Daniel Stone <email address hidden>
-
* SECURITY: CAN-2005-2495.
+ Fix exploitable overflow in creating huge pixmaps in the software
framebuffer cores.
+ https://bugs.freedeskt op.org/ show_bug. cgi?id= 594 - 2. By Daniel Stone <email address hidden>
-
* Include patch from Ben Herrenschmidt to fix assertion of DDC GPIO lines
after a DDC probe had finished, which would render Apple Studio Displays
useless.
* Don't reset all templates when migrating from xserver-xfree86; this will
render the template migration useless. Don't mess with $RECONFIGURE when
migrating from xfree86. Set use_sync_ranges true when upgrading from
xfree86 (closes: Ubuntu#8562, Ubuntu#8626).
* Use debug_echo liberally in xserver-xorg.postinst. in to tell us why we're
writing out sync ranges.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/xorg