Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 403941 - =x11-base/xorg-server-1.10.6 version bump request
Summary: =x11-base/xorg-server-1.10.6 version bump request
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: Normal enhancement (vote)
Assignee: Gentoo X packagers
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 391193 395385
  Show dependency tree
 
Reported: 2012-02-15 19:36 UTC by ScytheMan
Modified: 2012-02-24 02:49 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description ScytheMan 2012-02-15 19:36:00 UTC 
Although xorg-server-1.11 is marked stable on most arches, please add xorg-server-1.10.6 to the tree. 
AMD's fglrx doesn't work correctly with xorg-server-1.11 (xv problem bug #391193 ). 

ChangeLog also lists:
      Fix CVE-2011-4028: File disclosure vulnerability.
      Fix CVE-2011-4029: File permission change vulnerability.


http://lists.freedesktop.org/archives/xorg-announce/2012-February/001815.html
http://lists.freedesktop.org/archives/xorg-announce/2012-February/001816.html
Comment 1 Agostino Sarubbo gentoo-dev 2012-02-15 20:04:47 UTC 
is not a security bug.
Comment 2 Chí-Thanh Christopher Nguyễn gentoo-dev 2012-02-15 20:20:07 UTC 
The security issues were already addressed in 1.10.4-r1. From the ChangeLog:

+  18 Oct 2011; Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org>
+  +xorg-server-1.9.5-r1.ebuild, +xorg-server-1.10.4-r1.ebuild,
+  +xorg-server-1.11.1-r1.ebuild, +files/xorg-cve-2011-4028+4029.patch:
+  Add patch for security bug #387069.
Comment 3 Chí-Thanh Christopher Nguyễn gentoo-dev 2012-02-24 02:49:43 UTC 
Fixed in CVS.