ELSA-2014-1982

ULN >
Oracle Linux Errata repository >
ELSA-2014-1982

ELSA-2014-1982 - xorg-x11-server security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2014-12-11

Description

[1.1.1-48.107.0.1.el5_11]
- Added oracle-enterprise-detect.patch
- Replaced 'Red Hat' in spec file

[1.1.1-48.107]
- CVE-2014-8091 denial of service due to unchecked malloc in client
authentication (#1168680)
- CVE-2014-8092 integer overflow in X11 core protocol requests when
calculating memory needs for requests (#1168684)
- CVE-2014-8097 out of bounds access due to not validating length or offset
values in DBE extension (#1168705)
- CVE-2014-8095 out of bounds access due to not validating length or offset
values in XInput extension (#1168694)
- CVE-2014-8096 out of bounds access due to not validating length or offset
values in XC-MISC extension(#1168700)
- CVE-2014-8099 out of bounds access due to not validating length or offset
values in XVideo extension (#1168710)
- CVE-2014-8100 out of bounds access due to not validating length or offset
values in Render extension (#1168711)
- CVE-2014-8102 out of bounds access due to not validating length or offset
values in XFixes extension (#1168714)
- CVE-2014-8101 out of bounds access due to not validating length or offset
values in RandR extension (#1168713)
- CVE-2014-8093 xorg-x11-server: integer overflow in GLX extension requests
when calculating memory needs for requests (#1168688)
- CVE-2014-8098 xorg-x11-server: out of bounds access due to not validating
length or offset values in GLX extension (#1168707)

[1.1.1-48.104]
- xserver-1.1.1-randr-config-timestamps.patch: Backport timestamp comparison
fix from upstream RANDR code (#1006076)

[1.1.1-48.103]
- CVE-2013-6424: Fix OOB in trapezoid rasterization

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 5 (i386)	xorg-x11-server-1.1.1-48.107.0.1.el5_11.src.rpm	7b8b60793aff77b7fc63c58019c274af	-
	xorg-x11-server-Xdmx-1.1.1-48.107.0.1.el5_11.i386.rpm	d431950d6934f91f2dbac8633325502b	-
	xorg-x11-server-Xephyr-1.1.1-48.107.0.1.el5_11.i386.rpm	4d51cfce7ecdcec0edfad19ea2547bb9	-
	xorg-x11-server-Xnest-1.1.1-48.107.0.1.el5_11.i386.rpm	584448c8e7771bd7dc323e237d14793e	-
	xorg-x11-server-Xorg-1.1.1-48.107.0.1.el5_11.i386.rpm	0a83eb6ddc0f7a2614ccdf14e029064d	-
	xorg-x11-server-Xvfb-1.1.1-48.107.0.1.el5_11.i386.rpm	5e8f60615876f3887db8f341cd6458e7	-
	xorg-x11-server-Xvnc-source-1.1.1-48.107.0.1.el5_11.i386.rpm	802169539115e46002b6313918d4bdaf	-
	xorg-x11-server-sdk-1.1.1-48.107.0.1.el5_11.i386.rpm	4d7f11e8a18255b77a53da737c78670c	-

Oracle Linux 5 (ia64)	xorg-x11-server-1.1.1-48.107.0.1.el5_11.src.rpm	7b8b60793aff77b7fc63c58019c274af	-
	xorg-x11-server-Xdmx-1.1.1-48.107.0.1.el5_11.ia64.rpm	aa4418ade7056d6c763b8e423968e176	-
	xorg-x11-server-Xephyr-1.1.1-48.107.0.1.el5_11.ia64.rpm	4e5fc8b52b37a36e0774c8987bcc4089	-
	xorg-x11-server-Xnest-1.1.1-48.107.0.1.el5_11.ia64.rpm	c5f2b53588f532719d3741409c207384	-
	xorg-x11-server-Xorg-1.1.1-48.107.0.1.el5_11.ia64.rpm	2d931736a5a285c52c1a1864fe6010b7	-
	xorg-x11-server-Xvfb-1.1.1-48.107.0.1.el5_11.ia64.rpm	fe56b02f4bece159546a857ff1bf5690	-
	xorg-x11-server-Xvnc-source-1.1.1-48.107.0.1.el5_11.ia64.rpm	4ab9fbd8693cea25f54eb94f345b8a73	-
	xorg-x11-server-sdk-1.1.1-48.107.0.1.el5_11.ia64.rpm	be7f6ae8cd22a7c2168cf218ebb9c58d	-

Oracle Linux 5 (x86_64)	xorg-x11-server-1.1.1-48.107.0.1.el5_11.src.rpm	7b8b60793aff77b7fc63c58019c274af	-
	xorg-x11-server-Xdmx-1.1.1-48.107.0.1.el5_11.x86_64.rpm	c61e15cca9e08850cf230f6fbeed0410	-
	xorg-x11-server-Xephyr-1.1.1-48.107.0.1.el5_11.x86_64.rpm	63b8248a01f920a2a40be3a30aaa9b5f	-
	xorg-x11-server-Xnest-1.1.1-48.107.0.1.el5_11.x86_64.rpm	90a7232f7b707cf5d7a9f2bbd39f975e	-
	xorg-x11-server-Xorg-1.1.1-48.107.0.1.el5_11.x86_64.rpm	a30958e97411e015a95f52170f119282	-
	xorg-x11-server-Xvfb-1.1.1-48.107.0.1.el5_11.x86_64.rpm	fe5267e39b20bd51c5389d7f15a33560	-
	xorg-x11-server-Xvnc-source-1.1.1-48.107.0.1.el5_11.x86_64.rpm	ddedd7c4c959b8c8efd321c469fa2aa1	-
	xorg-x11-server-sdk-1.1.1-48.107.0.1.el5_11.x86_64.rpm	6105608a86833e701ca7773a1f203a57	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691