RE: [SECURITY] [DSA 2676-1] libxfixes security update

To: <debian-security@lists.debian.org>
Cc: <jmm@debian.org>
Subject: RE: [SECURITY] [DSA 2676-1] libxfixes security update
From: "Robin Abrahams" <robin.abrahams@cricinfo.com>
Date: Thu, 23 May 2013 18:50:38 +0100
Message-id: <[🔎] 016501ce57de$0c10b1e0$243215a0$@cricinfo.com>
Reply-to: <robin.abrahams@cricinfo.com>
In-reply-to: <20130523160034.GE10716@pisco.westfalen.local>
References: <20130523160034.GE10716@pisco.westfalen.local>

This has been sent about 6 times now

> -----Original Message-----
> From: Moritz Muehlenhoff [mailto:jmm@debian.org]
> Sent: 23 May 2013 17:01
> To: debian-security-announce@lists.debian.org
> Subject: [SECURITY] [DSA 2676-1] libxfixes security update
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> -
-------------------------------------------------------------------------
> Debian Security Advisory DSA-2676-1                   security@debian.org
> http://www.debian.org/security/                        Moritz Muehlenhoff
> May 23, 2013                           http://www.debian.org/security/faq
> -
-------------------------------------------------------------------------
> 
> Package        : libxfixes
> Vulnerability  : several
> Problem type   : remote
> Debian-specific: no
> CVE ID         : CVE-2013-1983
> 
> Ilja van Sprundel of IOActive discovered several security issues in
multiple
> components of the X.org graphics stack and the related
> libraries: Various integer overflows, sign handling errors in integer
conversions,
> buffer overflows, memory corruption and missing input sanitising may lead
to
> privilege escalation or denial of service.
> 
> For the oldstable distribution (squeeze), this problem has been fixed in
version
> 4.0.5-1+squeeze1.
> 
> For the stable distribution (wheezy), this problem has been fixed in
version
> 1:5.0-4+deb7u1.
> 
> For the unstable distribution (sid), this problem has been fixed in
version 1:5.0-
> 4+deb7u1.
> 
> We recommend that you upgrade your libxfixes packages.
> 
> Further information about Debian Security Advisories, how to apply these
> updates to your system and frequently asked questions can be found at:
> http://www.debian.org/security/
> 
> Mailing list: debian-security-announce@lists.debian.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.12 (GNU/Linux)
> 
> iEYEARECAAYFAlGeNGgACgkQXm3vHE4uylorbACfbKyJ+5tuvzMDW5LOK7C/0Li
> s
> V2gAoLMvptDOSkBeG8UalxWLhzVZAMnq
> =xHEW
> -----END PGP SIGNATURE-----
> 
> 
> --
> To UNSUBSCRIBE, email to debian-security-announce-
> REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
> Archive:
> http://lists.debian.org/20130523160034.GE10716@pisco.westfalen.local





This email, including attachments may be privileged, confidential and is intended exclusively for the addressee. The views expressed may not be official policy, but the personal views of the originator. If you have received this email in error please notify the sender and delete it from your system.  Emails are not secure and may contain viruses.  No liability can be accepted for viruses that might be transferred by this email or any attachment.

Reply to:

Prev by Date: Re: [SECURITY] [DSA 2669-1] linux security update
Next by Date: Re: [SECURITY] [DSA 2692-1] libxxf86vm security update
Previous by thread: Re: [SECURITY] [DSA 2669-1] linux security update
Next by thread: Re: [SECURITY] [DSA 2692-1] libxxf86vm security update
Index(es):
- Date
- Thread