SUSE-SU-2012:0312-1: Security update for xorg-x11

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Mon Feb 27 15:08:23 MST 2012


   SUSE Security Update: Security update for xorg-x11
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:0312-1
Rating:             low
References:         #648287 #648290 
Cross-References:   CVE-2010-4818 CVE-2010-4819
Affected Products:
                    SUSE Linux Enterprise Server 10 SP4
                    SUSE Linux Enterprise Desktop 10 SP4
                    SLE SDK 10 SP4
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:


   This update of xorg-x11 fixes issues that could allow
   attackers using GLX  opcodes to read access to arbitrary
   memory locations (CVE-2010-4818).  Additionally, a crash
   due to missing bounds checks in the the Glyph Render
   protocol have been fixed (CVE-2010-4819).

   Access to the X server by the attacker was required to make
   this work.

   Security Issue references:

   * CVE-2010-4819
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4819
   >
   * CVE-2010-4818
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4818
   >



Package List:

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

      xorg-x11-6.9.0-50.78.5
      xorg-x11-Xnest-6.9.0-50.78.5
      xorg-x11-Xvfb-6.9.0-50.78.5
      xorg-x11-Xvnc-6.9.0-50.78.5
      xorg-x11-devel-6.9.0-50.78.5
      xorg-x11-doc-6.9.0-50.78.5
      xorg-x11-fonts-100dpi-6.9.0-50.78.5
      xorg-x11-fonts-75dpi-6.9.0-50.78.5
      xorg-x11-fonts-cyrillic-6.9.0-50.78.5
      xorg-x11-fonts-scalable-6.9.0-50.78.5
      xorg-x11-fonts-syriac-6.9.0-50.78.5
      xorg-x11-libs-6.9.0-50.78.5
      xorg-x11-man-6.9.0-50.78.5

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc x86_64):

      xorg-x11-sdk-6.9.0-50.78.5
      xorg-x11-server-6.9.0-50.78.5
      xorg-x11-server-glx-6.9.0-50.78.5

   - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):

      xorg-x11-devel-32bit-6.9.0-50.78.5
      xorg-x11-libs-32bit-6.9.0-50.78.5

   - SUSE Linux Enterprise Server 10 SP4 (ia64):

      xorg-x11-libs-x86-6.9.0-50.78.5

   - SUSE Linux Enterprise Server 10 SP4 (ppc):

      xorg-x11-devel-64bit-6.9.0-50.78.5
      xorg-x11-libs-64bit-6.9.0-50.78.5

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

      xorg-x11-6.9.0-50.78.5
      xorg-x11-Xnest-6.9.0-50.78.5
      xorg-x11-Xvfb-6.9.0-50.78.5
      xorg-x11-Xvnc-6.9.0-50.78.5
      xorg-x11-devel-6.9.0-50.78.5
      xorg-x11-fonts-100dpi-6.9.0-50.78.5
      xorg-x11-fonts-75dpi-6.9.0-50.78.5
      xorg-x11-fonts-cyrillic-6.9.0-50.78.5
      xorg-x11-fonts-scalable-6.9.0-50.78.5
      xorg-x11-fonts-syriac-6.9.0-50.78.5
      xorg-x11-libs-6.9.0-50.78.5
      xorg-x11-man-6.9.0-50.78.5
      xorg-x11-server-6.9.0-50.78.5
      xorg-x11-server-glx-6.9.0-50.78.5

   - SUSE Linux Enterprise Desktop 10 SP4 (x86_64):

      xorg-x11-devel-32bit-6.9.0-50.78.5
      xorg-x11-libs-32bit-6.9.0-50.78.5

   - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):

      xorg-x11-Xvfb-6.9.0-50.78.5
      xorg-x11-doc-6.9.0-50.78.5

   - SLE SDK 10 SP4 (i586 ia64 ppc x86_64):

      xorg-x11-sdk-6.9.0-50.78.5


References:

   http://support.novell.com/security/cve/CVE-2010-4818.html
   http://support.novell.com/security/cve/CVE-2010-4819.html
   https://bugzilla.novell.com/648287
   https://bugzilla.novell.com/648290
   http://download.novell.com/patch/finder/?keywords=926559701859ebd386944eb1075ad07e



More information about the sle-security-updates mailing list