xorg-server-hwe-16.04 2:1.19.3-1ubuntu1~16.04.4 source package in Ubuntu

Changelog

xorg-server-hwe-16.04 (2:1.19.3-1ubuntu1~16.04.4) xenial-security; urgency=medium

  * SECURITY UPDATE: unvalidated extra length in ProcEstablishConnection
    - debian/patches/CVE-2017-12176.patch: add check to dix/dispatch.c.
    - CVE-2017-12176
  * SECURITY UPDATE: Unvalidated variable-length request in
    ProcDbeGetVisualInfo
    - debian/patches/CVE-2017-12177.patch: add check to dbe/dbe.c.
    - CVE-2017-12177
  * SECURITY UPDATE: wrong extra length check in ProcXIChangeHierarchy
    - debian/patches/CVE-2017-12178.patch: fix length check in
      Xi/xichangehierarchy.c.
    - CVE-2017-12178
  * SECURITY UPDATE: integer overflow and unvalidated length in
    ProcXIBarrierReleasePointer
    - debian/patches/CVE-2017-12179-1.patch: test exact size of
      XIBarrierReleasePointer in Xi/xibarriers.c.
    - debian/patches/CVE-2017-12179-2.patch: add checks to Xi/xibarriers.c.
    - CVE-2017-12179
  * SECURITY UPDATE: various unvalidated lengths
    - debian/patches/CVE-2017-12180-12182.patch: add more checks to
      Xext/vidmode.c, hw/xfree86/common/xf86DGA.c,
      hw/xfree86/dri/xf86dri.c.
    - CVE-2017-12180
    - CVE-2017-12181
    - CVE-2017-12182
  * SECURITY UPDATE: more unvalidated lengths
    - debian/patches/CVE-2017-12183.patch: add checks to xfixes/cursor.c,
      xfixes/region.c, xfixes/saveset.c, xfixes/xfixes.c.
    - CVE-2017-12183
  * SECURITY UPDATE: even more unvalidated lengths
    - debian/patches/CVE-2017-12184-12187.patch: add more checks to
      Xext/panoramiX.c, Xext/saver.c, Xext/xres.c, Xext/xvdisp.c,
      hw/dmx/dmxpict.c, pseudoramiX/pseudoramiX.c, render/render.c.
    - CVE-2017-12184
    - CVE-2017-12185
    - CVE-2017-12186
    - CVE-2017-12187
  * debian/patches/os_big_requests.patch: make sure big requests have
    sufficient length in os/io.c.
  * debian/patches/xkb_escape_fix.patch: escape non-printable characters
    correctly in xkb/xkbtext.c.

 -- Marc Deslauriers <email address hidden>  Fri, 13 Oct 2017 09:00:49 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2017-10-13
Uploaded to:
Xenial
Original maintainer:
Ubuntu X-SWAT
Architectures:
any all
Section:
x11
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates on 2017-10-17 main x11
Xenial security on 2017-10-17 main x11

Downloads

File Size SHA-256 Checksum
xorg-server-hwe-16.04_1.19.3.orig.tar.gz 8.1 MiB 8f93b98f1ac9fbd87515bfe329a069b48bbec98e5329584ab5fbf759a0953b8d
xorg-server-hwe-16.04_1.19.3-1ubuntu1~16.04.4.diff.gz 262.3 KiB cf8738a92d444a0a513e85cbb4a3a7a9b5f855b24fd8a8c5b4567c1623407ba3
xorg-server-hwe-16.04_1.19.3-1ubuntu1~16.04.4.dsc 5.0 KiB ec044256f73fd4a15690af8db2917ef5d2b649a4fcb186eeb2e4a01c6b2a23c5

View changes file

Binary packages built by this source

xmir-hwe-16.04: Xmir X server

 This package provides an X server running on top of Mir, using Mir
 input devices for input and forwarding either the root window or individual
 top-level windows as wayland surfaces.

xmir-hwe-16.04-dbgsym: debug symbols for package xmir-hwe-16.04

 This package provides an X server running on top of Mir, using Mir
 input devices for input and forwarding either the root window or individual
 top-level windows as wayland surfaces.

xorg-server-source-hwe-16.04: Xorg X server - source files

 This package provides original Debian (with Debian patches already
 applied, and autotools files updated) sources for the X.Org ('Xorg')
 X server shipped in a tarball. This enables other projects re-using
 X server codebase (e.g. VNC servers) to (re-)use officially
 Debian-supported version of the X xserver for their builds.
 .
 Unless you are building a software product using X server sources,
 you probably want xserver-xorg and/or xserver-xorg-core instead.

xserver-xephyr-hwe-16.04: nested X server

 Xephyr is an X server that can be run inside another X server,
 much like Xnest. It is based on the kdrive X server, and as a
 result it supports newer extensions than Xnest, including render and
 composite.
 .
 More information about X.Org can be found at:
 <URL:https://www.x.org>
 .
 This package is built from the X.org xserver module.

xserver-xephyr-hwe-16.04-dbgsym: debug symbols for package xserver-xephyr-hwe-16.04

 Xephyr is an X server that can be run inside another X server,
 much like Xnest. It is based on the kdrive X server, and as a
 result it supports newer extensions than Xnest, including render and
 composite.
 .
 More information about X.Org can be found at:
 <URL:https://www.x.org>
 .
 This package is built from the X.org xserver module.

xserver-xorg-core-hwe-16.04: Xorg X server - core server

 The Xorg X server is an X server for several architectures and operating
 systems, which is derived from the XFree86 4.x series of X servers.
 .
 The Xorg server supports most modern graphics hardware from most vendors,
 and supersedes all XFree86 X servers.
 .
 More information about X.Org can be found at:
 <URL:https://www.x.org>
 .
 This package is built from the X.org xserver module.

xserver-xorg-core-hwe-16.04-dbg: No summary available for xserver-xorg-core-hwe-16.04-dbg in ubuntu xenial.

No description available for xserver-xorg-core-hwe-16.04-dbg in ubuntu xenial.

xserver-xorg-core-hwe-16.04-dbgsym: debug symbols for package xserver-xorg-core-hwe-16.04

 The Xorg X server is an X server for several architectures and operating
 systems, which is derived from the XFree86 4.x series of X servers.
 .
 The Xorg server supports most modern graphics hardware from most vendors,
 and supersedes all XFree86 X servers.
 .
 More information about X.Org can be found at:
 <URL:https://www.x.org>
 .
 This package is built from the X.org xserver module.

xserver-xorg-dev-hwe-16.04: Xorg X server - development files

 This package provides development files for the X.Org ('Xorg') X server.
 This is not quite the same as the DDK (Driver Development Kit) from the
 XFree86 4.x and X.Org 6.7, 6.8 and 6.9 series of servers; it provides
 headers and a pkg-config file for drivers using autotools to build
 against.
 .
 Unless you are developing or building a driver, you probably want
 xserver-xorg and/or xserver-xorg-core instead.
 .
 More information about X.Org can be found at:
 <URL:https://www.x.org>
 .
 This package is built from the X.org xserver module.

xserver-xorg-legacy-hwe-16.04: setuid root Xorg server wrapper

 This package provides a wrapper for the Xorg X server, which is
 necessary for legacy drivers and non-Linux kernels.

xserver-xorg-legacy-hwe-16.04-dbgsym: debug symbols for package xserver-xorg-legacy-hwe-16.04

 This package provides a wrapper for the Xorg X server, which is
 necessary for legacy drivers and non-Linux kernels.

xwayland-hwe-16.04: Xwayland X server

 This package provides an X server running on top of wayland, using wayland
 input devices for input and forwarding either the root window or individual
 top-level windows as wayland surfaces.

xwayland-hwe-16.04-dbgsym: debug symbols for package xwayland-hwe-16.04

 This package provides an X server running on top of wayland, using wayland
 input devices for input and forwarding either the root window or individual
 top-level windows as wayland surfaces.