Bug #918332 “CVE-2011-4613 tracking bug” : Bugs : xorg package : Ubuntu

Marc Deslauriers (mdeslaur) on 2012-01-18

security vulnerability:	no → yes
Changed in xorg (Ubuntu Lucid):
status:	New → Confirmed
Changed in xorg (Ubuntu Maverick):
status:	New → Confirmed
Changed in xorg (Ubuntu Natty):
status:	New → Confirmed
Changed in xorg (Ubuntu Oneiric):
status:	New → Confirmed
Changed in xorg (Ubuntu Precise):
status:	New → Confirmed
Changed in xorg (Ubuntu Maverick):
importance:	Undecided → Medium
Changed in xorg (Ubuntu Lucid):
importance:	Undecided → Medium
Changed in xorg (Ubuntu Natty):
importance:	Undecided → Medium
Changed in xorg (Ubuntu Oneiric):
importance:	Undecided → Medium
Changed in xorg (Ubuntu Precise):
importance:	Undecided → Medium
Changed in xorg (Ubuntu Lucid):
assignee:	nobody → Marc Deslauriers (mdeslaur)
Changed in xorg (Ubuntu Maverick):
assignee:	nobody → Marc Deslauriers (mdeslaur)
Changed in xorg (Ubuntu Natty):
assignee:	nobody → Marc Deslauriers (mdeslaur)
Changed in xorg (Ubuntu Oneiric):
assignee:	nobody → Marc Deslauriers (mdeslaur)

Timo Aaltonen (tjaalton) on 2012-01-18

Changed in xorg (Ubuntu Precise):
assignee:	nobody → Timo Aaltonen (tjaalton)
status:	Confirmed → Fix Committed

Revision history for this message

Timo Aaltonen (tjaalton) wrote on 2012-01-24:

#1

Meh, forgot to close the bug in the changelog. This is now fixed in precise.

Changed in xorg (Ubuntu Precise):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2012-01-26:

#2

This bug was fixed in the package xorg - 1:7.5+5ubuntu1.1

---------------
xorg (1:7.5+5ubuntu1.1) lucid-security; urgency=low

  * SECURITY UPDATE: console requirement bypass (LP: #918332)
    - debian/local/xserver-wrapper.c: drop alternative TTY support, and
      also reset effective group id. Patch obtained from Debian squeeze
      update.
    - CVE-2011-4613
-- Marc Deslauriers <email address hidden> Mon, 16 Jan 2012 10:36:52 -0500

Changed in xorg (Ubuntu Lucid):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2012-01-26:

#3

This bug was fixed in the package xorg - 1:7.5+6ubuntu3.1

---------------
xorg (1:7.5+6ubuntu3.1) maverick-security; urgency=low

  * SECURITY UPDATE: console requirement bypass (LP: #918332)
    - debian/local/xserver-wrapper.c: drop alternative TTY support, and
      also reset effective group id. Patch obtained from Debian squeeze
      update.
    - CVE-2011-4613
-- Marc Deslauriers <email address hidden> Wed, 18 Jan 2012 13:27:52 -0500

Changed in xorg (Ubuntu Maverick):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2012-01-26:

#4

This bug was fixed in the package xorg - 1:7.6+4ubuntu3.2

---------------
xorg (1:7.6+4ubuntu3.2) natty-security; urgency=low

  * SECURITY UPDATE: console requirement bypass (LP: #918332)
    - debian/local/xserver-wrapper.c: drop alternative TTY support, and
      also reset effective group id. Patch obtained from Debian squeeze
      update.
    - CVE-2011-4613
-- Marc Deslauriers <email address hidden> Wed, 18 Jan 2012 13:30:25 -0500

Changed in xorg (Ubuntu Natty):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2012-01-26:

#5

This bug was fixed in the package xorg - 1:7.6+7ubuntu7.1

---------------
xorg (1:7.6+7ubuntu7.1) oneiric-security; urgency=low

  * SECURITY UPDATE: console requirement bypass (LP: #918332)
    - debian/local/xserver-wrapper.c: drop alternative TTY support, and
      also reset effective group id. Patch obtained from Debian squeeze
      update.
    - CVE-2011-4613
-- Marc Deslauriers <email address hidden> Wed, 18 Jan 2012 13:35:02 -0500

Changed in xorg (Ubuntu Oneiric):
status:	Confirmed → Fix Released

Ubuntu
xorg package

CVE-2011-4613 tracking bug

Bug Description

Related branches

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
xorg (Ubuntu)	Fix Released	Medium	Timo Aaltonen
Lucid	Fix Released	Medium	Marc Deslauriers
Maverick	Fix Released	Medium	Marc Deslauriers
Natty	Fix Released	Medium	Marc Deslauriers
Oneiric	Fix Released	Medium	Marc Deslauriers
Precise	Fix Released	Medium	Timo Aaltonen

Ubuntuxorg package

CVE-2011-4613 tracking bug

Bug Description

Related branches

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
xorg package