From FrSIRT/ADV-2007-3098: A vulnerability has been identified in X.Org X Server, which could be exploited by local attackers to obtain elevated privileges. This issue is caused by a buffer overflow error in the "compNewPixmap()" [composite/compalloc.c] function within the composite extension when copying the contents of pixmaps, which could be exploited by malicious users to execute arbitrary code with elevated privileges. Affected Products: X.Org X Server versions prior to 1.4
The patch from http://bugs.freedesktop.org/show_bug.cgi?id=7447 applies to 1.3.0.0 fine: http://bugs.freedesktop.org/attachment.cgi?id=11368&action=view
cc'ing maintainers (per request)
meh.. sorry for the bugspam
x11, is the composite extension enabled or disabled by default? Please provide an updated ebuild with the fix.
(In reply to comment #4)
> x11, is the composite extension enabled or disabled by default?
Off, but anyone using eye candy has it on.
> Please provide an updated ebuild with the fix.
Will get to it soon.
(In reply to comment #5)
> > Please provide an updated ebuild with the fix.
> Will get to it soon.
Any updates here?
1.3.0.0-r1 has this fix.
Thanks Donnie. Arches, please test and mark stable x11-base/xorg-server-1.3.0.0-r1 target "alpha amd64 arm hppa ia64 mips ppc ppc64 sh sparc x86 ~x86-fbsd"
x86 stable
ppc64 stable
ppc stable
mips stable.
alpha/ia64/sparc stable
Stable for HPPA.
amd64 done
glsa request filed.
GLSA 200710-16