Bug 20376 - x11-server new security issues CVE-2017-2624 and others from X41-2017-001
Summary: x11-server new security issues CVE-2017-2624 and others from X41-2017-001
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 5
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Thierry Vignaud
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on: 21191
Blocks:
  Show dependency treegraph
 
Reported: 2017-03-01 12:18 CET by David Walser
Modified: 2017-08-15 12:00 CEST (History)
0 users

See Also:
Source RPM: x11-server-1.16.4-2.1.mga5.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2017-03-01 12:18:15 CET 
Upstream has issued an advisory on February 28:
http://openwall.com/lists/oss-security/2017/02/28/3
https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/

I assume the affected version of 1.19.0 and below means they're fixed in 1.19.1 that we have in Cauldron.
Comment 1 David Walser 2017-03-01 12:19:25 CET 
More info available here:
http://openwall.com/lists/oss-security/2017/03/01/1
Comment 2 Thierry Vignaud 2017-03-01 14:43:42 CET 
patches applied for Cauldron:
http://svnweb.mageia.org/packages?view=revision&revision=1088376
Comment 3 David Walser 2017-06-22 00:09:39 CEST 
openSUSE has issued an advisory for this on June 19:
https://lists.opensuse.org/opensuse-updates/2017-06/msg00070.html
David Walser 2017-07-06 22:22:47 CEST

Blocks: (none) => 21191

Comment 4 David Walser 2017-07-27 16:14:57 CEST 
Ubuntu has issued an advisory for this on July 24:
https://usn.ubuntu.com/usn/usn-3362-1/
David Walser 2017-07-30 04:36:19 CEST

Blocks: 21191 => (none)
Depends on: (none) => 21191

Comment 5 David Walser 2017-08-15 12:00:38 CEST 
Fixed in:
http://advisories.mageia.org/MGASA-2017-0269.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.