Re: [SECURITY] [DSA 2784-1] xorg-server security update
nada nada
El 22/10/2013, a las 19:51, Moritz Muehlenhoff <jmm@debian.org> escribió:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - -------------------------------------------------------------------------
> Debian Security Advisory DSA-2784-1 security@debian.org
> http://www.debian.org/security/ Moritz Muehlenhoff
> October 22, 2013 http://www.debian.org/security/faq
> - -------------------------------------------------------------------------
>
> Package : xorg-server
> Vulnerability : use-after-free
> Problem type : local
> Debian-specific: no
> CVE ID : CVE-2013-4396
>
> Pedro Ribeiro discovered a use-after-free in the handling of ImageText
> requests in the Xorg Xserver, which could result in denial of service
> or privilege escalation.
>
> For the oldstable distribution (squeeze), this problem has been fixed in
> version 1.7.7-17.
>
> For the stable distribution (wheezy), this problem has been fixed in
> version 1.12.4-6+deb7u1.
>
> For the testing distribution (jessie), this problem has been fixed in
> version 1.14.3-4.
>
> For the unstable distribution (sid), this problem has been fixed in
> version 1.14.3-4.
>
> We recommend that you upgrade your xorg-server packages.
>
> Further information about Debian Security Advisories, how to apply
> these updates to your system and frequently asked questions can be
> found at: http://www.debian.org/security/
>
> Mailing list: debian-security-announce@lists.debian.org
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.15 (GNU/Linux)
>
> iEYEARECAAYFAlJmuwsACgkQXm3vHE4uyloP0QCfV6OhGtL2yfqYTwY3zRGRl1Ea
> Z8UAn0i4QmDeUgsT3m1zeZeWIBHC1bq9
> =m0I/
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/20131022175146.GA4648@pisco.westfalen.local
>
Reply to: