Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 230147 - net-misc/nxnode, net-misc/nx: multiple vulnerabilities in X server extensions
Summary: net-misc/nxnode, net-misc/nx: multiple vulnerabilities in X server extensions
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
Whiteboard: B2 [glsa]
Depends on:
Reported: 2008-06-30 09:02 UTC by Bernard Cafarelli
Modified: 2008-07-09 22:01 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Bernard Cafarelli gentoo-dev 2008-06-30 09:02:40 UTC
"ROME, Italy, June 25, 2008 - NoMachine releases the third maintenance release of NX Node 3.2.0. The new packages provide updated versions of the nx-X11 and nxagent components including patches which solve the issues reported by X.Org security advisory, June 11th, 2008:

Although in NX these vulnerabilities cannot lead to privilege escalation since the X11 agent never runs as root, we strongly advise all users to upgrade their NX Node packages to the latest version"

Looks like these are the CVEs from bug #225419

I am currently testing new packages for both net-misc/nxnode and net-misc/nx, will need stable keywords on amd64 and x86
Comment 1 Bernard Cafarelli gentoo-dev 2008-06-30 12:48:27 UTC
Packages bumped, need amd64 and x86 stable keywords:
* net-misc/nxnode-3.2.0-r3
* net-misc/nx-3.2.0-r2
Comment 2 Christian Faulhammer (RETIRED) gentoo-dev 2008-07-03 13:47:39 UTC
x86 stable
Comment 3 Markus Meier gentoo-dev 2008-07-06 20:36:32 UTC
amd64 stable, all arches done.
Comment 4 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-07-06 20:42:22 UTC
glsa request filed.
Comment 5 Robert Buchholz (RETIRED) gentoo-dev 2008-07-09 22:01:32 UTC
GLSA 200807-07