Summary: | x11-base/xorg-server < 1.3.0.0-r1 Composite local privilege escalation (CVE-2007-4730) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | x11 |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.frsirt.com/english/advisories/2007/3098 | ||
Whiteboard: | B1 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Robert Buchholz (RETIRED)
2007-09-10 10:22:04 UTC
The patch from http://bugs.freedesktop.org/show_bug.cgi?id=7447 applies to 1.3.0.0 fine: http://bugs.freedesktop.org/attachment.cgi?id=11368&action=view cc'ing maintainers (per request) meh.. sorry for the bugspam x11, is the composite extension enabled or disabled by default? Please provide an updated ebuild with the fix. (In reply to comment #4) > x11, is the composite extension enabled or disabled by default? Off, but anyone using eye candy has it on. > Please provide an updated ebuild with the fix. Will get to it soon. (In reply to comment #5) > > Please provide an updated ebuild with the fix. > Will get to it soon. Any updates here? 1.3.0.0-r1 has this fix. Thanks Donnie. Arches, please test and mark stable x11-base/xorg-server-1.3.0.0-r1 target "alpha amd64 arm hppa ia64 mips ppc ppc64 sh sparc x86 ~x86-fbsd" x86 stable ppc64 stable ppc stable mips stable. alpha/ia64/sparc stable Stable for HPPA. amd64 done glsa request filed. GLSA 200710-16 |