[El-errata] ELSA-2014-1982 Important: Oracle Linux 5 xorg-x11-server security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Dec 11 17:58:57 PST 2014
Oracle Linux Security Advisory ELSA-2014-1982
https://rhn.redhat.com/errata/RHSA-2014-1982.html
The following updated rpms for Oracle Linux 5 have been uploaded to the
Unbreakable Linux Network:
i386:
xorg-x11-server-Xdmx-1.1.1-48.107.0.1.el5_11.i386.rpm
xorg-x11-server-Xephyr-1.1.1-48.107.0.1.el5_11.i386.rpm
xorg-x11-server-Xnest-1.1.1-48.107.0.1.el5_11.i386.rpm
xorg-x11-server-Xorg-1.1.1-48.107.0.1.el5_11.i386.rpm
xorg-x11-server-Xvfb-1.1.1-48.107.0.1.el5_11.i386.rpm
xorg-x11-server-Xvnc-source-1.1.1-48.107.0.1.el5_11.i386.rpm
xorg-x11-server-sdk-1.1.1-48.107.0.1.el5_11.i386.rpm
x86_64:
xorg-x11-server-Xdmx-1.1.1-48.107.0.1.el5_11.x86_64.rpm
xorg-x11-server-Xephyr-1.1.1-48.107.0.1.el5_11.x86_64.rpm
xorg-x11-server-Xnest-1.1.1-48.107.0.1.el5_11.x86_64.rpm
xorg-x11-server-Xorg-1.1.1-48.107.0.1.el5_11.x86_64.rpm
xorg-x11-server-Xvfb-1.1.1-48.107.0.1.el5_11.x86_64.rpm
xorg-x11-server-Xvnc-source-1.1.1-48.107.0.1.el5_11.x86_64.rpm
xorg-x11-server-sdk-1.1.1-48.107.0.1.el5_11.x86_64.rpm
ia64:
xorg-x11-server-Xdmx-1.1.1-48.107.0.1.el5_11.ia64.rpm
xorg-x11-server-Xephyr-1.1.1-48.107.0.1.el5_11.ia64.rpm
xorg-x11-server-Xnest-1.1.1-48.107.0.1.el5_11.ia64.rpm
xorg-x11-server-Xorg-1.1.1-48.107.0.1.el5_11.ia64.rpm
xorg-x11-server-Xvfb-1.1.1-48.107.0.1.el5_11.ia64.rpm
xorg-x11-server-Xvnc-source-1.1.1-48.107.0.1.el5_11.ia64.rpm
xorg-x11-server-sdk-1.1.1-48.107.0.1.el5_11.ia64.rpm
SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/xorg-x11-server-1.1.1-48.107.0.1.el5_11.src.rpm
Description of changes:
[1.1.1-48.107.0.1.el5_11]
- Added oracle-enterprise-detect.patch
- Replaced 'Red Hat' in spec file
[1.1.1-48.107]
- CVE-2014-8091 denial of service due to unchecked malloc in client
authentication (#1168680)
- CVE-2014-8092 integer overflow in X11 core protocol requests when
calculating memory needs for requests (#1168684)
- CVE-2014-8097 out of bounds access due to not validating length or offset
values in DBE extension (#1168705)
- CVE-2014-8095 out of bounds access due to not validating length or offset
values in XInput extension (#1168694)
- CVE-2014-8096 out of bounds access due to not validating length or offset
values in XC-MISC extension(#1168700)
- CVE-2014-8099 out of bounds access due to not validating length or offset
values in XVideo extension (#1168710)
- CVE-2014-8100 out of bounds access due to not validating length or offset
values in Render extension (#1168711)
- CVE-2014-8102 out of bounds access due to not validating length or offset
values in XFixes extension (#1168714)
- CVE-2014-8101 out of bounds access due to not validating length or offset
values in RandR extension (#1168713)
- CVE-2014-8093 xorg-x11-server: integer overflow in GLX extension requests
when calculating memory needs for requests (#1168688)
- CVE-2014-8098 xorg-x11-server: out of bounds access due to not validating
length or offset values in GLX extension (#1168707)
[1.1.1-48.104]
- xserver-1.1.1-randr-config-timestamps.patch: Backport timestamp comparison
fix from upstream RANDR code (#1006076)
[1.1.1-48.103]
- CVE-2013-6424: Fix OOB in trapezoid rasterization
More information about the El-errata
mailing list