xorg-server-lts-xenial 2:1.18.3-1ubuntu2.3~trusty2 source package in Ubuntu

Changelog

xorg-server-lts-xenial (2:1.18.3-1ubuntu2.3~trusty2) trusty-security; urgency=medium

  * SECURITY UPDATE: DoS and possible code execution in endianness
    conversion of X Events
    - debian/patches/CVE-2017-10971-1.patch: do not try to swap
      GenericEvent in Xi/sendexev.c.
    - debian/patches/CVE-2017-10971-2.patch: verify all events in
      ProcXSendExtensionEvent in Xi/sendexev.c.
    - debian/patches/CVE-2017-10971-3.patch: disallow GenericEvent in
      SendEvent request in dix/events.c, dix/swapreq.c.
    - CVE-2017-10971
  * SECURITY UPDATE: information leak in XEvent handling
    - debian/patches/CVE-2017-10972.patch: zero target buffer in
      SProcXSendExtensionEvent in Xi/sendexev.c.
    - CVE-2017-10972
  * SECURITY UPDATE: MIT-MAGIC-COOKIES timing attack
    - debian/patches/CVE-2017-2624.patch: use timingsafe_memcmp() in
      configure.ac, include/dix-config.h.in, include/os.h,
      os/mitauth.c, os/timingsafe_memcmp.c.
    - CVE-2017-2624

 -- Marc Deslauriers <email address hidden>  Mon, 17 Jul 2017 13:12:54 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2017-07-18
Uploaded to:
Trusty
Original maintainer:
Ubuntu X-SWAT
Architectures:
any all
Section:
x11
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
xorg-server-lts-xenial_1.18.3.orig.tar.gz 7.9 MiB 9b872f946b912f11a0ffc911d936764fce604ee4ac65ee1f131b78b3e89ede26
xorg-server-lts-xenial_1.18.3-1ubuntu2.3~trusty2.diff.gz 298.8 KiB 431c22f3d4d00a93af859151bd373809bbfe96cb0c9a1cd1b865314bb5676450
xorg-server-lts-xenial_1.18.3-1ubuntu2.3~trusty2.dsc 4.6 KiB ab56dd7a7de5021bbe855f128bd8d1f72d1e95de83ef6713d4816655226bda8a

View changes file

Binary packages built by this source

xorg-server-source-lts-xenial: Xorg X server - source files

 This package provides original Debian (with Debian patches already
 applied, and autotools files updated) sources for the X.Org ('Xorg')
 X server shipped in a tarball. This enables other projects re-using
 X server codebase (e.g. VNC servers) to (re-)use officially
 Debian-supported version of the X xserver for their builds.
 .
 Unless you are building a software product using X server sources,
 you probably want xserver-xorg and/or xserver-xorg-core instead.

xserver-xephyr-lts-xenial: nested X server

 Xephyr is an X server that can be run inside another X server,
 much like Xnest. It is based on the kdrive X server, and as a
 result it supports newer extensions than Xnest, including render and
 composite.
 .
 More information about X.Org can be found at:
 <URL:http://www.X.org>
 .
 This package is built from the X.org xserver module.

xserver-xephyr-lts-xenial-dbgsym: debug symbols for package xserver-xephyr-lts-xenial

 Xephyr is an X server that can be run inside another X server,
 much like Xnest. It is based on the kdrive X server, and as a
 result it supports newer extensions than Xnest, including render and
 composite.
 .
 More information about X.Org can be found at:
 <URL:http://www.X.org>
 .
 This package is built from the X.org xserver module.

xserver-xorg-core-lts-xenial: Xorg X server - core server

 The Xorg X server is an X server for several architectures and operating
 systems, which is derived from the XFree86 4.x series of X servers.
 .
 The Xorg server supports most modern graphics hardware from most vendors,
 and supersedes all XFree86 X servers.
 .
 More information about X.Org can be found at:
 <URL:http://www.X.org>
 .
 This package is built from the X.org xserver module.

xserver-xorg-core-lts-xenial-dbg: Xorg - the X.Org X server (debugging symbols)

 The Xorg X server is an X server for several architectures and operating
 systems, which is derived from the XFree86 4.x series of X servers.
 .
 The Xorg server supports most modern graphics hardware from most vendors,
 and supersedes all XFree86 X servers.
 .
 This package provides debugging symbols for the Xorg X server and associated
 modules.

xserver-xorg-core-lts-xenial-dbgsym: debug symbols for package xserver-xorg-core-lts-xenial

 The Xorg X server is an X server for several architectures and operating
 systems, which is derived from the XFree86 4.x series of X servers.
 .
 The Xorg server supports most modern graphics hardware from most vendors,
 and supersedes all XFree86 X servers.
 .
 More information about X.Org can be found at:
 <URL:http://www.X.org>
 .
 This package is built from the X.org xserver module.

xserver-xorg-dev-lts-xenial: Xorg X server - development files

 This package provides development files for the X.Org ('Xorg') X server.
 This is not quite the same as the DDK (Driver Development Kit) from the
 XFree86 4.x and X.Org 6.7, 6.8 and 6.9 series of servers; it provides
 headers and a pkg-config file for drivers using autotools to build
 against.
 .
 Unless you are developing or building a driver, you probably want
 xserver-xorg and/or xserver-xorg-core instead.
 .
 More information about X.Org can be found at:
 <URL:http://www.X.org>
 .
 This package is built from the X.org xserver module.

xwayland-lts-xenial: Xwayland X server

 This package provides an X server running on top of wayland, using wayland
 input devices for input and forwarding either the root window or individual
 top-level windows as wayland surfaces.

xwayland-lts-xenial-dbgsym: debug symbols for package xwayland-lts-xenial

 This package provides an X server running on top of wayland, using wayland
 input devices for input and forwarding either the root window or individual
 top-level windows as wayland surfaces.