In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems, by injecting large or malformed XKB-related atoms and accessing them via xkbcomp.
@maintainer(s), after fix, please call for stabilization when ready, thank you!
Gentoo Security Padawan
Daj' Uan (jmbailey)
1.19.4 has been in tree for 5 days.
I can't personally call for stable though, before I've looked into bug 633530 (help welcome)
We should be able to proceed now.
Stable on amd64
Withdrawing stabilization, as there's a regression fix in just released xorg-server-1.19.5 and more security fixes. So we should target that instead and do it all at once, I think. Especially due to the regression in 1.19.4 (but I don't know its severity).
Version bumped to 1.19.5
@arches, please test and mark for stable, thank you.
stabilization target = x11-base/xorg-server-1.19.4
see comment #5...
We have concluded together with Matt, that we can proceed with 1.19.5.
Bug 633530 seems to be an eudev issue now -- mixing of stable eudev with testing eudev, so not affecting full stable tree for security.
The first fixed version in tree was 1.19.4 as it's related to the reported CVE. The stabilization target can be different, but the record should reflect the actual fixed ebuild.
ppc/ppc64 stable (thanks to ernsteiswuerfel)
Stable on alpha.
(In reply to Aaron Bauman from comment #10)
> The first fixed version in tree was 1.19.4 as it's related to the reported
> CVE. The stabilization target can be different, but the record should
> reflect the actual fixed ebuild.
There should be a record for the CVEs 1.19.5 fixed, and I suggested it be here and suggested that they be added here.
@maintainers, please clean the vulnerable versions.
(In reply to Mart Raudsepp from comment #17)
> (In reply to Aaron Bauman from comment #10)
> > The first fixed version in tree was 1.19.4 as it's related to the reported
> > CVE. The stabilization target can be different, but the record should
> > reflect the actual fixed ebuild.
> there should be a record for the CVEs 1.19.5 fixed, and I suggested it be
> here and suggested them to be added here.
Sure. Another bug can be opened to track if you want.
New GLSA request filed.
This issue was resolved and addressed in
GLSA 201710-30 at https://security.gentoo.org/glsa/201710-30
by GLSA coordinator Aaron Bauman (b-man).
re-opened for cleanup
sparc stable (thanks to Rolf Eike Beer)
Vulnerable versions removed in:
Author: Matt Turner <email@example.com>
Date: Mon Oct 30 18:44:14 2017 -0700
x11-base/xorg-server: Drop vulnerable versions