xorg security update

2010-05-28T11:43:32
ID CESA-2010:0382
Type centos
Reporter CentOS Project
Modified 2010-05-28T11:43:33

Description

CentOS Errata and Security Advisory CESA-2010:0382

X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

An incorrect calculation flaw was discovered in the X.Org Render extension. A malicious, authorized client could exploit this issue to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2010-1166)

Users of xorg-x11-server should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for this update to take effect.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2010-May/016649.html http://lists.centos.org/pipermail/centos-announce/2010-May/016651.html

Affected packages: xorg-x11-server xorg-x11-server-Xdmx xorg-x11-server-Xephyr xorg-x11-server-Xnest xorg-x11-server-Xorg xorg-x11-server-Xvfb xorg-x11-server-Xvnc-source xorg-x11-server-sdk

Upstream details at: https://rhn.redhat.com/errata/RHSA-2010-0382.html