SUSE-SU-2012:0312-1: Security update for xorg-x11
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Feb 27 15:08:23 MST 2012
SUSE Security Update: Security update for xorg-x11
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0312-1
Rating: low
References: #648287 #648290
Cross-References: CVE-2010-4818 CVE-2010-4819
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update of xorg-x11 fixes issues that could allow
attackers using GLX opcodes to read access to arbitrary
memory locations (CVE-2010-4818). Additionally, a crash
due to missing bounds checks in the the Glyph Render
protocol have been fixed (CVE-2010-4819).
Access to the X server by the attacker was required to make
this work.
Security Issue references:
* CVE-2010-4819
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4819
>
* CVE-2010-4818
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4818
>
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
xorg-x11-6.9.0-50.78.5
xorg-x11-Xnest-6.9.0-50.78.5
xorg-x11-Xvfb-6.9.0-50.78.5
xorg-x11-Xvnc-6.9.0-50.78.5
xorg-x11-devel-6.9.0-50.78.5
xorg-x11-doc-6.9.0-50.78.5
xorg-x11-fonts-100dpi-6.9.0-50.78.5
xorg-x11-fonts-75dpi-6.9.0-50.78.5
xorg-x11-fonts-cyrillic-6.9.0-50.78.5
xorg-x11-fonts-scalable-6.9.0-50.78.5
xorg-x11-fonts-syriac-6.9.0-50.78.5
xorg-x11-libs-6.9.0-50.78.5
xorg-x11-man-6.9.0-50.78.5
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc x86_64):
xorg-x11-sdk-6.9.0-50.78.5
xorg-x11-server-6.9.0-50.78.5
xorg-x11-server-glx-6.9.0-50.78.5
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
xorg-x11-devel-32bit-6.9.0-50.78.5
xorg-x11-libs-32bit-6.9.0-50.78.5
- SUSE Linux Enterprise Server 10 SP4 (ia64):
xorg-x11-libs-x86-6.9.0-50.78.5
- SUSE Linux Enterprise Server 10 SP4 (ppc):
xorg-x11-devel-64bit-6.9.0-50.78.5
xorg-x11-libs-64bit-6.9.0-50.78.5
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
xorg-x11-6.9.0-50.78.5
xorg-x11-Xnest-6.9.0-50.78.5
xorg-x11-Xvfb-6.9.0-50.78.5
xorg-x11-Xvnc-6.9.0-50.78.5
xorg-x11-devel-6.9.0-50.78.5
xorg-x11-fonts-100dpi-6.9.0-50.78.5
xorg-x11-fonts-75dpi-6.9.0-50.78.5
xorg-x11-fonts-cyrillic-6.9.0-50.78.5
xorg-x11-fonts-scalable-6.9.0-50.78.5
xorg-x11-fonts-syriac-6.9.0-50.78.5
xorg-x11-libs-6.9.0-50.78.5
xorg-x11-man-6.9.0-50.78.5
xorg-x11-server-6.9.0-50.78.5
xorg-x11-server-glx-6.9.0-50.78.5
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
xorg-x11-devel-32bit-6.9.0-50.78.5
xorg-x11-libs-32bit-6.9.0-50.78.5
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
xorg-x11-Xvfb-6.9.0-50.78.5
xorg-x11-doc-6.9.0-50.78.5
- SLE SDK 10 SP4 (i586 ia64 ppc x86_64):
xorg-x11-sdk-6.9.0-50.78.5
References:
http://support.novell.com/security/cve/CVE-2010-4818.html
http://support.novell.com/security/cve/CVE-2010-4819.html
https://bugzilla.novell.com/648287
https://bugzilla.novell.com/648290
http://download.novell.com/patch/finder/?keywords=926559701859ebd386944eb1075ad07e
More information about the sle-security-updates
mailing list