SUSE-SU-2012:0644-1: moderate: Security update for xorg-x11-server-rdp
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Fri May 25 16:08:28 MDT 2012
SUSE Security Update: Security update for xorg-x11-server-rdp
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0644-1
Rating: moderate
References: #746949
Cross-References: CVE-2010-2240 CVE-2011-4028 CVE-2011-4029
Affected Products:
SUSE Linux Enterprise Server 11 SP2 for VMware
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update of xorg-x11-server-rdp fixed the following
security issues:
CVE-2010-2240 - memory exhaustion flaw CVE-2011-4028 /
CVE-2011-4029 - race condition flaw
Security Issues:
* CVE-2010-2240
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2240
>
* CVE-2011-4028
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4028
>
* CVE-2011-4029
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4029
>
Contraindications:
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP2 for VMware:
zypper in -t patch slessp2-xorg-x11-server-rdp-6111
- SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp2-xorg-x11-server-rdp-6111
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-xorg-x11-server-dmx-6112
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-xorg-x11-server-dmx-6112
- SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp1-xorg-x11-server-dmx-6112 sledsp2-xorg-x11-server-rdp-6111
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-xorg-x11-server-dmx-6112
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
xorg-x11-server-rdp-7.3.99-3.18.2
- SUSE Linux Enterprise Server 11 SP2 (i586 x86_64):
xorg-x11-server-rdp-7.3.99-3.18.2
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
xorg-x11-server-dmx-7.3.99-17.11.1
- SUSE Linux Enterprise Server 11 SP1 (i586 x86_64):
xorg-x11-server-dmx-7.3.99-17.11.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
xorg-x11-server-dmx-7.3.99-17.11.1
xorg-x11-server-rdp-7.3.99-3.18.2
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
xorg-x11-server-dmx-7.3.99-17.11.1
References:
http://support.novell.com/security/cve/CVE-2010-2240.html
http://support.novell.com/security/cve/CVE-2011-4028.html
http://support.novell.com/security/cve/CVE-2011-4029.html
https://bugzilla.novell.com/746949
http://download.novell.com/patch/finder/?keywords=5ee149ba2fc8b7892f29b4e9d1937da4
http://download.novell.com/patch/finder/?keywords=c81bcbcc5f759c9ce82783eef07688a8
More information about the sle-security-updates
mailing list