Bug#422936: marked as done (CVE-2007-2437: Xrender extension allows remote DoS)



Your message dated Wed, 09 May 2007 10:47:05 +0000
with message-id <E1HljhJ-0001Up-E3@ries.debian.org>
and subject line Bug#422936: fixed in xorg-server 2:1.3.0.0.dfsg-4
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: xorg-server
Severity: important


Hi,

CVE-2007-2437 came out recently, and its description reads:

The X render (Xrender) extension in X.org X Window System 7.0, 7.1,
and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated
users to cause a denial of service (daemon crash) via crafted values
to the (1) XRenderCompositeTrapezoids and (2) XRenderAddTraps
functions, which trigger a divide-by-zero error.

More information can be found here:
http://xforce.iss.net/xforce/xfdb/33976
http://www.rapid7.com/advisories/R7-0027.jsp
http://www.securitytracker.com/id?1017984

According to the information referenced there, the solution is to
"Upgrade to the latest version of X.Org Server (7.2 with Xserver 1.3.1
or later), available from the X.Org Foundation Web site".

Please include the CVE reference in any changelogs that reference this
issue.

Thanks!
Micah



-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.18-4-vserver-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


--- End Message ---
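The report above describes the defect class (a division by zero reached through client-supplied trapezoid values) without showing the arithmetic. The following is an added illustration, written for this page and not the upstream patch or any X.Org code: it models a Render trapezoid in the protocol's 32-bit 16.16 FIXED format and shows the one check that makes the slope computation safe. A rasterizer that steps an edge by dx/dy per scanline divides by the edge's height; an edge whose top and bottom y coordinates are equal has dy == 0. The edge_t and trapezoid_t types, the sample values and the validation order are all constructed here; the 16.16 FIXED encoding is the Render protocol's.

```c
/* Added illustration of CVE-2007-2437's defect class: validating
 * client-supplied trapezoid edges before computing a per-scanline slope.
 * Not the upstream fix; types and sample data below are constructed. */
#include <stdint.h>
#include <stdio.h>

typedef int32_t xFixed;                  /* Render FIXED: 16.16 fixed point */
#define XFIXED_ONE ((xFixed)1 << 16)

/* One edge as a client would send it (constructed struct layout). */
typedef struct { xFixed x1, y1, x2, y2; } edge_t;

/* Trapezoid: horizontal top/bottom plus a left and a right edge. */
typedef struct { xFixed top, bottom; edge_t left, right; } trapezoid_t;

/* x-step per unit of y for an edge, as a 16.16 value in *dxdy.
 * Returns 1 on success.  Returns 0 and leaves *dxdy untouched when the
 * edge has zero height: this is exactly the case where an unguarded
 * "dx / dy" divides by zero on attacker-chosen input. */
int edge_slope(const edge_t *e, int64_t *dxdy)
{
    int64_t dy = (int64_t)e->y2 - e->y1;   /* 64-bit: no overflow on subtract */
    if (dy == 0)
        return 0;                          /* reject, do not divide */
    int64_t dx = (int64_t)e->x2 - e->x1;
    *dxdy = (dx * XFIXED_ONE) / dy;        /* keep 16 fractional bits */
    return 1;
}

/* Accept a trapezoid only if it has positive vertical extent and both
 * edges are non-degenerate.  A server would answer BadValue here instead
 * of handing the shape to the rasterizer. */
int trapezoid_valid(const trapezoid_t *t)
{
    int64_t unused;
    if (t->bottom <= t->top)
        return 0;
    if (!edge_slope(&t->left, &unused))
        return 0;
    if (!edge_slope(&t->right, &unused))
        return 0;
    return 1;
}

/* Constructed sample input: a well-formed trapezoid 4 units tall ... */
static const trapezoid_t SAMPLE_OK = {
    0, 4 * XFIXED_ONE,
    { 0,              0, 2 * XFIXED_ONE, 4 * XFIXED_ONE },   /* slope +0.5 */
    { 8 * XFIXED_ONE, 0, 6 * XFIXED_ONE, 4 * XFIXED_ONE }    /* slope -0.5 */
};

/* ... and one whose left edge has y1 == y2 (zero height, crafted). */
static const trapezoid_t SAMPLE_ZERO_HEIGHT_EDGE = {
    0, 4 * XFIXED_ONE,
    { 0,              XFIXED_ONE, 2 * XFIXED_ONE, XFIXED_ONE },
    { 8 * XFIXED_ONE, 0,          6 * XFIXED_ONE, 4 * XFIXED_ONE }
};

int main(void)
{
    printf("well-formed trapezoid accepted: %d\n", trapezoid_valid(&SAMPLE_OK));
    printf("zero-height edge accepted:      %d\n",
           trapezoid_valid(&SAMPLE_ZERO_HEIGHT_EDGE));
    return 0;
}
```

The point of the check is its position: validation happens once, on the protocol request, before any geometry code runs, so every later division sees a non-zero dy. Doing the subtraction in 64 bits also removes the separate hazard of a 32-bit wrap when the two coordinates are far apart.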
--- Begin Message ---
Source: xorg-server
Source-Version: 2:1.3.0.0.dfsg-4

We believe that the bug you reported is fixed in the latest version of
xorg-server, which is due to be installed in the Debian FTP archive:

xdmx-tools_1.3.0.0.dfsg-4_i386.deb
  to pool/main/x/xorg-server/xdmx-tools_1.3.0.0.dfsg-4_i386.deb
xdmx_1.3.0.0.dfsg-4_i386.deb
  to pool/main/x/xorg-server/xdmx_1.3.0.0.dfsg-4_i386.deb
xnest_1.3.0.0.dfsg-4_i386.deb
  to pool/main/x/xorg-server/xnest_1.3.0.0.dfsg-4_i386.deb
xorg-server_1.3.0.0.dfsg-4.diff.gz
  to pool/main/x/xorg-server/xorg-server_1.3.0.0.dfsg-4.diff.gz
xorg-server_1.3.0.0.dfsg-4.dsc
  to pool/main/x/xorg-server/xorg-server_1.3.0.0.dfsg-4.dsc
xprint-common_1.3.0.0.dfsg-4_all.deb
  to pool/main/x/xorg-server/xprint-common_1.3.0.0.dfsg-4_all.deb
xprint_1.3.0.0.dfsg-4_i386.deb
  to pool/main/x/xorg-server/xprint_1.3.0.0.dfsg-4_i386.deb
xserver-xephyr_1.3.0.0.dfsg-4_i386.deb
  to pool/main/x/xorg-server/xserver-xephyr_1.3.0.0.dfsg-4_i386.deb
xserver-xorg-core-dbg_1.3.0.0.dfsg-4_i386.deb
  to pool/main/x/xorg-server/xserver-xorg-core-dbg_1.3.0.0.dfsg-4_i386.deb
xserver-xorg-core_1.3.0.0.dfsg-4_i386.deb
  to pool/main/x/xorg-server/xserver-xorg-core_1.3.0.0.dfsg-4_i386.deb
xserver-xorg-dev_1.3.0.0.dfsg-4_i386.deb
  to pool/main/x/xorg-server/xserver-xorg-dev_1.3.0.0.dfsg-4_i386.deb
xvfb_1.3.0.0.dfsg-4_i386.deb
  to pool/main/x/xorg-server/xvfb_1.3.0.0.dfsg-4_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 422936@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julien Cristau <jcristau@debian.org> (supplier of updated xorg-server package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 09 May 2007 02:11:08 +0200
Source: xorg-server
Binary: xserver-xephyr xprint xserver-xorg-core xvfb xserver-xorg-dev xdmx xprint-common xdmx-tools xserver-xorg-core-dbg xnest
Architecture: source i386 all
Version: 2:1.3.0.0.dfsg-4
Distribution: unstable
Urgency: low
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
Description: 
 xdmx       - Distributed Multihead X server
 xdmx-tools - Distributed Multihead X tools
 xnest      - Nested X server
 xprint     - Xprint - the X11 print system (binary)
 xprint-common - Xprint - the X11 print system (configuration files)
 xserver-xephyr - Next Generation Nested X Server
 xserver-xorg-core - X.Org X server -- core server
 xserver-xorg-core-dbg - Xorg - the X.Org X server (debugging symbols)
 xserver-xorg-dev - X.Org X server -- development files
 xvfb       - Virtual Framebuffer 'fake' X server
Closes: 422936
Changes: 
 xorg-server (2:1.3.0.0.dfsg-4) unstable; urgency=low
 .
   * Cherry-pick patch from upstream git to fix security issue in the Xrender
     extension: malicious clients can cause a division by zero in the server
     (closes: #422936). Reference: CVE-2007-2437. Thanks, Micah Anderson!
Files: 
 51dfc7b6def354b2e4a2961860779007 2322 x11 optional xorg-server_1.3.0.0.dfsg-4.dsc
 26cda23ce0dc0829adcf379ab2ff2941 574528 x11 optional xorg-server_1.3.0.0.dfsg-4.diff.gz
 ad0c37a2ac30479114210eaee5190d4c 262036 x11 optional xprint-common_1.3.0.0.dfsg-4_all.deb
 8959e0c0a889b15d61929b339ab0ba8c 3578650 x11 optional xserver-xorg-core_1.3.0.0.dfsg-4_i386.deb
 f83fbd8dd2146b9865c451b41007763a 310104 x11 optional xserver-xorg-dev_1.3.0.0.dfsg-4_i386.deb
 fb26ac1e79eaa374e7144c270174aa0a 786956 x11 optional xdmx_1.3.0.0.dfsg-4_i386.deb
 c415f720ad9499a5e4ad0a9aaecad7b9 82668 x11 optional xdmx-tools_1.3.0.0.dfsg-4_i386.deb
 2827fc51a1a389eace52bb4694e76f3b 1393406 x11 optional xnest_1.3.0.0.dfsg-4_i386.deb
 277e3edc88207a1fa0301553b31f9e48 1541848 x11 optional xvfb_1.3.0.0.dfsg-4_i386.deb
 8f57437daab623e9394b54b1d4a8875d 1570850 x11 optional xserver-xephyr_1.3.0.0.dfsg-4_i386.deb
 6169b3c820f8e6e94215fecdeb0dc667 1614612 x11 optional xprint_1.3.0.0.dfsg-4_i386.deb
 78dbe87febb859cf28d5c71143a9622b 12152158 x11 extra xserver-xorg-core-dbg_1.3.0.0.dfsg-4_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGQaGgmEvTgKxfcAwRAjUMAJ493/YH/grHlICaDEqKKG8TJbsjxwCfYoXH
84ybGYtjuhEikf8B6Gl7+pI=
=fihq
-----END PGP SIGNATURE-----


--- End Message ---