
X Strike Force XFree86 SVN commit: rev 968 - in branches/4.1.0/woody/debian: . patches



Author: branden
Date: 2004-01-26 13:43:43 -0500 (Mon, 26 Jan 2004)
New Revision: 968

Modified:
   branches/4.1.0/woody/debian/changelog
   branches/4.1.0/woody/debian/patches/074_SECURITY_DRI_and_GLX_DoS_fix.diff
Log:
Add CVE candidate IDs to patch and changelog.


Modified: branches/4.1.0/woody/debian/changelog
===================================================================
--- branches/4.1.0/woody/debian/changelog	2004-01-23 04:26:00 UTC (rev 967)
+++ branches/4.1.0/woody/debian/changelog	2004-01-26 18:43:43 UTC (rev 968)
@@ -5,8 +5,10 @@
       succeeds, which may allow attackers to gain root privileges by
       triggering error conditions within PAM modules, as demonstrated in
       certain configurations of the MIT pam_krb5 module.
-    + Denial-of-service attacks against X server by clients using the GLX
-      extension and Direct Rendering Infrastructure.
+    + CAN-2004-0093, CAN-2003-0094: Denial-of-service attacks against the X
+      server by clients using the GLX extension and Direct Rendering
+      Infrastructure are possible due to unchecked client data (out-of-bounds
+      array indexes and integer signedness errors).
 
   * Patch xdm to call pam_strerror(), log the returned error, and exit the
     StartClient() function with a zero exit status (failure) if pam_setcred()
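Review bot: The second identifier on the added changelog line reads "CAN-2003-0094", but the same commit's patch header (074_SECURITY_DRI_and_GLX_DoS_fix.diff) assigns the integer signedness errors to "CAN-2004-0094", and the log message says these are CVE candidate IDs for the same two issues. One of the two is a typo; since the first ID is CAN-2004-0093 and both candidates were presumably allocated together, the changelog line most likely should read "CAN-2004-0093, CAN-2004-0094:". Worth correcting before release, since a wrong candidate ID in the changelog will be picked up by security trackers.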

Modified: branches/4.1.0/woody/debian/patches/074_SECURITY_DRI_and_GLX_DoS_fix.diff
===================================================================
--- branches/4.1.0/woody/debian/patches/074_SECURITY_DRI_and_GLX_DoS_fix.diff	2004-01-23 04:26:00 UTC (rev 967)
+++ branches/4.1.0/woody/debian/patches/074_SECURITY_DRI_and_GLX_DoS_fix.diff	2004-01-26 18:43:43 UTC (rev 968)
@@ -7,6 +7,9 @@
       the GLX code.  This fixes X server segfaults when an invalid screen
       value is provided (#A.1434, Felix Kühling).
 
+The CVE IDs for these vulnerabilities are CAN-2004-0093 (out-of-bounds
+array index errors) and CAN-2004-0094 (integer signedness errors).
+
 --- xc/programs/Xserver/GL/dri/xf86dri.c	29 Oct 2002 20:28:57 -0000	1.10
 +++ xc/programs/Xserver/GL/dri/xf86dri.c	13 Dec 2002 15:51:57 -0000
 @@ -155,6 +155,11 @@
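Review bot: The added description calls these "The CVE IDs", but the identifiers carry the CAN- prefix, i.e. they are candidates, as the commit log itself says ("Add CVE candidate IDs"). Suggest "The CVE candidate IDs for these vulnerabilities are CAN-2004-0093 ..." so the patch header does not imply the entries had already been accepted into the CVE list. Also note that this hunk's "CAN-2004-0094" disagrees with the "CAN-2003-0094" written in the changelog hunk of the same commit; the two should be reconciled.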