[SECURITY] [DSA 3160-1] xorg-server security update

2015-02-16T00:00:00
ID SECURITYVULNS:DOC:31718
Type securityvulns
Reporter Securityvulns
Modified 2015-02-16T00:00:00

Description

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


Debian Security Advisory DSA-3160-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff February 11, 2015 http://www.debian.org/security/faq


Package : xorg-server CVE ID : CVE-2015-0255

Olivier Fourdan discovered that missing input validation in the Xserver's handling of XkbSetGeometry requests may result in an information leak or denial of service.

For the stable distribution (wheezy), this problem has been fixed in version 2:1.12.4-6+deb7u6.

For the unstable distribution (sid), this problem has been fixed in version 2:1.16.4-1.

We recommend that you upgrade your xorg-server packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQIcBAEBAgAGBQJU24/HAAoJEBDCk7bDfE429IIP/0eu6jKzGfsjkB9lllWv1Q6W PSJwM7k7++X22wTwBX6rY8anaV1ZeMhAnXU0i4a3+Tg3HfJKwjmI0I7AaAWS97Zi v63goHpkbQN/W0hAtwNdSJQtCMwqdZ5H0vjInSks1U9zEa4Mz+VTTTaDhkjXOZgs 2rlOTs9+WIX6BCgfVwcVX+O+5GzT/DADJ5eEMsdOsREMHE5Bm0mvCm4FGE5Q/1Y8 CYFiiahhkfEwly62Y3OId5fJe9xexZd+DtXHX9sASpzxSR/Qu0dQ4zZdHIUScuT7 IuRmSZ74cL2n0IONjjeud5d3brrjiLOQMKBtx5BP+wmuERX81vmD8r7/GtxdXsu4 tofurVcb7ABsxG8kIizoUt9fm03yk8u8NuGSSRO2hoLncpOZvN3xV3YxW89Ru6Ip W/KgLmYDtDvk7cK4FS9CX87j0Iqq5kM2J9pQPX96b77TlyoV2rKDjO0DUgHytTQM nt5gyFmiDziH1F5U+E/sm/vp7gz30Hk+ql9EmS33sv6aTXCmoq84xVlpvCstQd7L ZUjL7jO4jnitpQspRWyLfcLFM2JbNONN9h5wRcQZqQTAkKY1LaXLLJyldgUfUCzg KttqqXVjl/u1q5iax+2Fgxp3eIRGMeT9MV01rxrQ3dGKZvU35WIV3RAXuwLGwmbb 8+5qPqqL+0hJJjeUORrC =eFM3 -----END PGP SIGNATURE-----