Vulnerability : isehlt : [slackware-security] xorg-server (SSA:2014-356-03)

2014 m. gruodžio 23 d., antradienis

[slackware-security] xorg-server (SSA:2014-356-03)

[slackware-security] xorg-server (SSA:2014-356-03)

New xorg-server packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/xorg-server-1.14.3-i486-3_slack14.1.txz: Rebuilt.
This update fixes many security issues discovered by Ilja van Sprundel,
a security researcher with IOActive.
For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8091
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8092
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8093
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8094
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8095
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8096
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8097
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8098
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8099
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8100
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8101
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8102
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8103
(* Security fix *)
patches/packages/xorg-server-
xephyr-1.14.3-i486-3_slack14.1.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.14.3-i486-3_slack14.1.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.14.3-i486-3_slack14.1.txz: Rebuilt.
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/xorg-server-1.14.3-i486-3_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/xorg-server-xephyr-1.14.3-i486-3_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/xorg-server-xnest-1.14.3-i486-3_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/xorg-server-xvfb-1.14.3-i486-3_slack14.1.txz

Updated packages for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/xorg-server-1.14.3-x86_64-3_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/xorg-server-xephyr-1.14.3-x86_64-3_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/xorg-server-xnest-1.14.3-x86_64-3_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/xorg-server-xvfb-1.14.3-x86_64-3_slack14.1.txz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-1.15.2-i486-3.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-xephyr-1.15.2-i486-3.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-xnest-1.15.2-i486-3.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-xvfb-1.15.2-i486-3.txz

Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-1.15.2-x86_64-3.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-xephyr-1.15.2-x86_64-3.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-xnest-1.15.2-x86_64-3.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-xvfb-1.15.2-x86_64-3.txz

MD5 signatures:
+-------------+

Slackware 14.1 packages:
69ec69426bc6245c24da949ca1b21069 xorg-server-1.14.3-i486-3_slack14.1.txz
354ad2193aea7f83bb4966ab4471696c xorg-server-xephyr-1.14.3-i486-3_slack14.1.txz
b5ad5534e780a7e837c491241b093ea5 xorg-server-xnest-1.14.3-i486-3_slack14.1.txz
c64c23d45caa9edb868f212fed6eacf4 xorg-server-xvfb-1.14.3-i486-3_slack14.1.txz

Slackware x86_64 14.1 packages:
a9e968f64a6a681958aa125a0303c04c xorg-server-1.14.3-x86_64-3_slack14.1.txz
b4cbb9d7c91188e0302f701fdac46d3b xorg-server-xephyr-1.14.3-x86_64-3_slack14.1.txz
14b8b255b7b7f5e02754b0f55734a749 xorg-server-xnest-1.14.3-x86_64-3_slack14.1.txz
d03987b098537ce2e76de10fcc4b9114 xorg-server-xvfb-1.14.3-x86_64-3_slack14.1.txz

Slackware -current packages:
cebde7179b805f314b88f6346adac006 x/xorg-server-1.15.2-i486-3.txz
e7e2ebf5ddf17b0e614544ae5866b4c7 x/xorg-server-xephyr-1.15.2-i486-3.txz
2649499068f72265f7a750c1521f6c0c x/xorg-server-xnest-1.15.2-i486-3.txz
0d77ba1ce26faf0c6d6fbd5d677b45b3 x/xorg-server-xvfb-1.15.2-i486-3.txz

Slackware x86_64 -current packages:
93f8441244f662fad6e98fb41764bba7 x/xorg-server-1.15.2-x86_64-3.txz
4b47e4c0ebc531751f05844d2235cdd2 x/xorg-server-xephyr-1.15.2-x86_64-3.txz
bca73b287db2f52b516cf758b744ffc4 x/xorg-server-xnest-1.15.2-x86_64-3.txz
dfa6eff2fa1adacd4d8ce2bc43bade80 x/xorg-server-xvfb-1.15.2-x86_64-3.txz

Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg xorg-server-*.txz

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+

Komentarų nėra:

Rašyti komentarą

Užsisakykite: Rašyti komentarus (Atom)