X Strike Force XFree86 SVN commit: rev 968 - in branches/4.1.0/woody/debian: . patches
Author: branden
Date: 2004-01-26 13:43:43 -0500 (Mon, 26 Jan 2004)
New Revision: 968
Modified:
branches/4.1.0/woody/debian/changelog
branches/4.1.0/woody/debian/patches/074_SECURITY_DRI_and_GLX_DoS_fix.diff
Log:
Add CVE candidate IDs to patch and changelog.
Modified: branches/4.1.0/woody/debian/changelog
===================================================================
--- branches/4.1.0/woody/debian/changelog 2004-01-23 04:26:00 UTC (rev 967)
+++ branches/4.1.0/woody/debian/changelog 2004-01-26 18:43:43 UTC (rev 968)
@@ -5,8 +5,10 @@
succeeds, which may allow attackers to gain root privileges by
triggering error conditions within PAM modules, as demonstrated in
certain configurations of the MIT pam_krb5 module.
- + Denial-of-service attacks against X server by clients using the GLX
- extension and Direct Rendering Infrastructure.
+ + CAN-2004-0093, CAN-2003-0094: Denial-of-service attacks against the X
+ server by clients using the GLX extension and Direct Rendering
+ Infrastructure are possible due to unchecked client data (out-of-bounds
+ array indexes and integer signedness errors).
* Patch xdm to call pam_strerror(), log the returned error, and exit the
StartClient() function with a zero exit status (failure) if pam_setcred()
Modified: branches/4.1.0/woody/debian/patches/074_SECURITY_DRI_and_GLX_DoS_fix.diff
===================================================================
--- branches/4.1.0/woody/debian/patches/074_SECURITY_DRI_and_GLX_DoS_fix.diff 2004-01-23 04:26:00 UTC (rev 967)
+++ branches/4.1.0/woody/debian/patches/074_SECURITY_DRI_and_GLX_DoS_fix.diff 2004-01-26 18:43:43 UTC (rev 968)
@@ -7,6 +7,9 @@
the GLX code. This fixes X server segfaults when an invalid screen
value is provided (#A.1434, Felix Kühling).
+The CVE IDs for these vulnerabilities are CAN-2004-0093 (out-of-bounds
+array index errors) and CAN-2004-0094 (integer signedness errors).
+
--- xc/programs/Xserver/GL/dri/xf86dri.c 29 Oct 2002 20:28:57 -0000 1.10
+++ xc/programs/Xserver/GL/dri/xf86dri.c 13 Dec 2002 15:51:57 -0000
@@ -155,6 +155,11 @@
Reply to: