SUSE-SU-2017:3047-1: moderate: Security update for xorg-x11-server

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Wed Nov 22 13:09:47 MST 2017


   SUSE Security Update: Security update for xorg-x11-server
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:3047-1
Rating:             moderate
References:         #1022727 #1051150 #1052984 #1061107 #1063034 
                    #1063035 #1063037 #1063038 #1063039 #1063040 
                    #1063041 
Cross-References:   CVE-2017-12176 CVE-2017-12177 CVE-2017-12178
                    CVE-2017-12179 CVE-2017-12180 CVE-2017-12181
                    CVE-2017-12182 CVE-2017-12183 CVE-2017-12184
                    CVE-2017-12185 CVE-2017-12186 CVE-2017-12187
                    CVE-2017-13721 CVE-2017-13723
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP3
                    SUSE Linux Enterprise Software Development Kit 12-SP2
                    SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
                    SUSE Linux Enterprise Server 12-SP3
                    SUSE Linux Enterprise Server 12-SP2
                    SUSE Linux Enterprise Desktop 12-SP3
                    SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________

   An update that fixes 14 vulnerabilities is now available.

Description:



   This update for xorg-x11-server fixes several issues.

   These security issues were fixed:

   - CVE-2017-13721: Missing validation of shmseg resource id in Xext/XShm
     could lead to shared memory segments of other users beeing freed
     (bnc#1052984)
   - CVE-2017-13723: A local denial of service via unusual characters in
     XkbAtomText and XkbStringText was fixed (bnc#1051150)
   - CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: Fixed
     unvalidated lengths in multiple extensions (bsc#1063034)
   - CVE-2017-12183: Fixed some unvalidated lengths in the XFIXES extension.
     (bsc#1063035)
   - CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: Fixed various unvalidated
     lengths in the XFree86-VidMode/XFree86-DGA/XFree86-DRI extensions
     (bsc#1063037)
   - CVE-2017-12179: Fixed an integer overflow and unvalidated length in
     (S)ProcXIBarrierReleasePointer in Xi (bsc#1063038)
   - CVE-2017-12178: Fixed a wrong extra length check in
     ProcXIChangeHierarchy in Xi (bsc#1063039)
   - CVE-2017-12177: Fixed an unvalidated variable-length request in
     ProcDbeGetVisualInfo (bsc#1063040)
   - CVE-2017-12176: Fixed an unvalidated extra length in
     ProcEstablishConnection (bsc#1063041)


   These non-security issues were fixed:

   - Make colormap/gamma glue code work with the RandR extension disabled.
     This prevents it from crashing and showing wrong colors. (bsc#1061107)
   - Recognize ssh as a remote client to fix launching applications remotely
     when using DRI3. (bsc#1022727)


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 12-SP3:

      zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1884=1

   - SUSE Linux Enterprise Software Development Kit 12-SP2:

      zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1884=1

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:

      zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1884=1

   - SUSE Linux Enterprise Server 12-SP3:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1884=1

   - SUSE Linux Enterprise Server 12-SP2:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1884=1

   - SUSE Linux Enterprise Desktop 12-SP3:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1884=1

   - SUSE Linux Enterprise Desktop 12-SP2:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1884=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):

      xorg-x11-server-debuginfo-7.6_1.18.3-76.15.2
      xorg-x11-server-debugsource-7.6_1.18.3-76.15.2
      xorg-x11-server-sdk-7.6_1.18.3-76.15.2

   - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):

      xorg-x11-server-debuginfo-7.6_1.18.3-76.15.2
      xorg-x11-server-debugsource-7.6_1.18.3-76.15.2
      xorg-x11-server-sdk-7.6_1.18.3-76.15.2

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):

      xorg-x11-server-7.6_1.18.3-76.15.2
      xorg-x11-server-debuginfo-7.6_1.18.3-76.15.2
      xorg-x11-server-debugsource-7.6_1.18.3-76.15.2
      xorg-x11-server-extra-7.6_1.18.3-76.15.2
      xorg-x11-server-extra-debuginfo-7.6_1.18.3-76.15.2

   - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):

      xorg-x11-server-7.6_1.18.3-76.15.2
      xorg-x11-server-debuginfo-7.6_1.18.3-76.15.2
      xorg-x11-server-debugsource-7.6_1.18.3-76.15.2
      xorg-x11-server-extra-7.6_1.18.3-76.15.2
      xorg-x11-server-extra-debuginfo-7.6_1.18.3-76.15.2

   - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64):

      xorg-x11-server-7.6_1.18.3-76.15.2
      xorg-x11-server-debuginfo-7.6_1.18.3-76.15.2
      xorg-x11-server-debugsource-7.6_1.18.3-76.15.2
      xorg-x11-server-extra-7.6_1.18.3-76.15.2
      xorg-x11-server-extra-debuginfo-7.6_1.18.3-76.15.2

   - SUSE Linux Enterprise Desktop 12-SP3 (x86_64):

      xorg-x11-server-7.6_1.18.3-76.15.2
      xorg-x11-server-debuginfo-7.6_1.18.3-76.15.2
      xorg-x11-server-debugsource-7.6_1.18.3-76.15.2
      xorg-x11-server-extra-7.6_1.18.3-76.15.2
      xorg-x11-server-extra-debuginfo-7.6_1.18.3-76.15.2

   - SUSE Linux Enterprise Desktop 12-SP2 (x86_64):

      xorg-x11-server-7.6_1.18.3-76.15.2
      xorg-x11-server-debuginfo-7.6_1.18.3-76.15.2
      xorg-x11-server-debugsource-7.6_1.18.3-76.15.2
      xorg-x11-server-extra-7.6_1.18.3-76.15.2
      xorg-x11-server-extra-debuginfo-7.6_1.18.3-76.15.2


References:

   https://www.suse.com/security/cve/CVE-2017-12176.html
   https://www.suse.com/security/cve/CVE-2017-12177.html
   https://www.suse.com/security/cve/CVE-2017-12178.html
   https://www.suse.com/security/cve/CVE-2017-12179.html
   https://www.suse.com/security/cve/CVE-2017-12180.html
   https://www.suse.com/security/cve/CVE-2017-12181.html
   https://www.suse.com/security/cve/CVE-2017-12182.html
   https://www.suse.com/security/cve/CVE-2017-12183.html
   https://www.suse.com/security/cve/CVE-2017-12184.html
   https://www.suse.com/security/cve/CVE-2017-12185.html
   https://www.suse.com/security/cve/CVE-2017-12186.html
   https://www.suse.com/security/cve/CVE-2017-12187.html
   https://www.suse.com/security/cve/CVE-2017-13721.html
   https://www.suse.com/security/cve/CVE-2017-13723.html
   https://bugzilla.suse.com/1022727
   https://bugzilla.suse.com/1051150
   https://bugzilla.suse.com/1052984
   https://bugzilla.suse.com/1061107
   https://bugzilla.suse.com/1063034
   https://bugzilla.suse.com/1063035
   https://bugzilla.suse.com/1063037
   https://bugzilla.suse.com/1063038
   https://bugzilla.suse.com/1063039
   https://bugzilla.suse.com/1063040
   https://bugzilla.suse.com/1063041



More information about the sle-security-updates mailing list