A CVE was assigned for a regression caused by the CVE-2014-8092 fix: http://openwall.com/lists/oss-security/2015/04/25/4 We fixed CVE-2014-8092 in Bug 14767. The new fix is already in Cauldron. Patched package uploaded for Mageia 4. Advisory: ======================== Updated x11-server packages fix security vulnerability: A regression in the fix for CVE-2014-8092 (MGASA-2014-0532) caused another issue which could lead to a local denial of service (CVE-2015-3418). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3418 http://openwall.com/lists/oss-security/2015/04/25/4 ======================== Updated packages in core/updates_testing: ======================== x11-server-1.14.5-2.4.mga4 x11-server-devel-1.14.5-2.4.mga4 x11-server-common-1.14.5-2.4.mga4 x11-server-xorg-1.14.5-2.4.mga4 x11-server-xdmx-1.14.5-2.4.mga4 x11-server-xnest-1.14.5-2.4.mga4 x11-server-xvfb-1.14.5-2.4.mga4 x11-server-xephyr-1.14.5-2.4.mga4 x11-server-xfake-1.14.5-2.4.mga4 x11-server-xfbdev-1.14.5-2.4.mga4 x11-server-source-1.14.5-2.4.mga4 from x11-server-1.14.5-2.4.mga4.src.rpm Reproducible: Steps to Reproduce:
Working fine Mageia 4 i586.
Whiteboard: (none) => MGA4-32-OK
MGA4 x64 real hardware with AMD/ATI/Radeon video. Having just x11-server-1.14.5-2.4.mga4 x11-server-common-1.14.5-2.4.mga4 and using my system with graphics-oriented applications, nothing untoward noticed. I would rather see more testers trying this update, but am OKing it anyway.
CC: (none) => lewyssmithWhiteboard: MGA4-32-OK => MGA4-32-OK MGA4-64-OK
(In reply to Lewis Smith from comment #2) > I would rather see more testers trying this update, but am OKing it anyway. It was just a tiny patch (and one that's already in Cauldron). Should be fine.
Tested OK here too mga4 64. No regression noticed in general use. Validating. Advisory uploaded. Please push to 4 updates Thanks!
Keywords: (none) => validated_updateWhiteboard: MGA4-32-OK MGA4-64-OK => has_procedure advisory MGA4-32-OK MGA4-64-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0196.html
Status: NEW => RESOLVEDResolution: (none) => FIXED