Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 191964
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Robert Buchholz <rbu@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 191964 depends on: Show dependency tree
Bug 191964 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2007-09-10 10:22 0000 
From FrSIRT/ADV-2007-3098:

A vulnerability has been identified in X.Org X Server, which could be exploited
by local attackers to obtain elevated privileges. This issue is caused by a
buffer overflow error in the "compNewPixmap()" [composite/compalloc.c] function
within the composite extension when copying the contents of pixmaps, which
could be exploited by malicious users to execute arbitrary code with elevated
privileges.

Affected Products: X.Org X Server versions prior to 1.4

------- Comment #1 From Robert Buchholz 2007-09-10 10:58:11 0000 ------- 
The patch from http://bugs.freedesktop.org/show_bug.cgi?id=7447 applies to
1.3.0.0 fine:
http://bugs.freedesktop.org/attachment.cgi?id=11368&action=view

------- Comment #2 From Robert Buchholz 2007-09-10 11:06:57 0000 ------- 
cc'ing maintainers (per request)

------- Comment #3 From Robert Buchholz 2007-09-11 10:41:24 0000 ------- 
meh.. sorry for the bugspam

------- Comment #4 From Robert Buchholz 2007-09-11 20:54:30 0000 ------- 
x11, is the composite extension enabled or disabled by default?

Please provide an updated ebuild with the fix.

------- Comment #5 From Donnie Berkholz 2007-09-11 21:35:29 0000 ------- 
(In reply to comment #4)
> x11, is the composite extension enabled or disabled by default?

Off, but anyone using eye candy has it on.

> Please provide an updated ebuild with the fix.

Will get to it soon.

------- Comment #6 From Robert Buchholz 2007-09-24 22:05:16 0000 ------- 
(In reply to comment #5)
> > Please provide an updated ebuild with the fix.
> Will get to it soon.

Any updates here?

------- Comment #7 From Donnie Berkholz 2007-09-30 07:42:45 0000 ------- 
1.3.0.0-r1 has this fix.

------- Comment #8 From Pierre-Yves Rofes 2007-09-30 09:53:39 0000 ------- 
Thanks Donnie. 
Arches, please test and mark stable x11-base/xorg-server-1.3.0.0-r1
target "alpha amd64 arm hppa ia64 mips ppc ppc64 sh sparc x86 ~x86-fbsd"

------- Comment #9 From Markus Meier 2007-09-30 13:18:54 0000 ------- 
x86 stable

------- Comment #10 From Markus Rothe 2007-09-30 15:34:28 0000 ------- 
ppc64 stable

------- Comment #11 From Tobias Scherbaum 2007-09-30 19:53:59 0000 ------- 
ppc stable

------- Comment #12 From Joshua Kinard 2007-10-01 00:51:29 0000 ------- 
mips stable.

------- Comment #13 From Raúl Porcel 2007-10-01 13:18:25 0000 ------- 
alpha/ia64/sparc stable

------- Comment #14 From Jeroen Roovers 2007-10-02 05:04:12 0000 ------- 
Stable for HPPA.

------- Comment #15 From Chris Gianelloni (RETIRED) 2007-10-02 20:05:22 0000 ------- 
amd64 done

------- Comment #16 From Pierre-Yves Rofes 2007-10-02 20:35:49 0000 ------- 
glsa request filed.

------- Comment #17 From Pierre-Yves Rofes 2007-10-15 05:11:39 0000 ------- 
GLSA 200710-16
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug