LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Slackware: 2010-240-06: xorg-server: Security Update Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Slackware New xorg-server packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. [More Info...]
[slackware-security]  xorg-server (SSA:2010-240-06)

New xorg-server packages are available for Slackware 12.0, 12.1, 12.2, 13.0,
13.1, and -current to fix a security issue.


Here are the details from the Slackware 13.1 ChangeLog:
+--------------------------+
patches/packages/xorg-server-1.7.7-i486-2_slack13.1.txz:  Rebuilt.
  Patched to prevent overwriting stack memory and bypassing security mechanisms
  on systems that use a 2.6 Linux kernel.  Reported by Rafal Wojtczuk.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2240
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

HINT:  Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try.  This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-1.3.0.0-i486-3_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-xdmx-1.3.0.0-i486-3_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-xnest-1.3.0.0-i486-3_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-xvfb-1.3.0.0-i486-3_slack12.0.tgz

Updated packages for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/xorg-server-1.4.2-i486-2_slack12.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/xorg-server-xnest-1.4.2-i486-2_slack12.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/xorg-server-xvfb-1.4.2-i486-2_slack12.1.tgz

Updated packages for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/xorg-server-1.4.2-i486-2_slack12.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/xorg-server-xnest-1.4.2-i486-2_slack12.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/xorg-server-xvfb-1.4.2-i486-2_slack12.2.tgz

Updated packages for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/xorg-server-1.6.3-i486-2_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/xorg-server-xephyr-1.6.3-i486-2_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/xorg-server-xnest-1.6.3-i486-2_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/xorg-server-xvfb-1.6.3-i486-2_slack13.0.txz

Updated packages for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/xorg-server-1.6.3-x86_64-2_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/xorg-server-xephyr-1.6.3-x86_64-2_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/xorg-server-xnest-1.6.3-x86_64-2_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/xorg-server-xvfb-1.6.3-x86_64-2_slack13.0.txz

Updated packages for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/xorg-server-1.7.7-i486-2_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/xorg-server-xephyr-1.7.7-i486-2_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/xorg-server-xnest-1.7.7-i486-2_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/xorg-server-xvfb-1.7.7-i486-2_slack13.1.txz

Updated packages for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/xorg-server-1.7.7-x86_64-2_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/xorg-server-xephyr-1.7.7-x86_64-2_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/xorg-server-xnest-1.7.7-x86_64-2_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/xorg-server-xvfb-1.7.7-x86_64-2_slack13.1.txz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-1.7.7-i486-2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-xephyr-1.7.7-i486-2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-xnest-1.7.7-i486-2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-xvfb-1.7.7-i486-2.txz

Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-1.7.7-x86_64-2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-xephyr-1.7.7-x86_64-2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-xnest-1.7.7-x86_64-2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-xvfb-1.7.7-x86_64-2.txz


MD5 signatures:
+-------------+

Slackware 12.0 packages:
948e4d6012f7c349be58318622941508  xorg-server-1.3.0.0-i486-3_slack12.0.tgz
c9d5f136423384d7a68f971992f6049f  xorg-server-xdmx-1.3.0.0-i486-3_slack12.0.tgz
bb3da6748a08c142c47633e642c7137d  xorg-server-xnest-1.3.0.0-i486-3_slack12.0.tgz
dfb6bdba04491ca4acb15fafd89638b2  xorg-server-xvfb-1.3.0.0-i486-3_slack12.0.tgz

Slackware 12.1 packages:
a8ab8b3976df8633257d65b3913b8883  xorg-server-1.4.2-i486-2_slack12.1.tgz
4fdf655f8fc4ffdd478a6c3981b0a6fd  xorg-server-xnest-1.4.2-i486-2_slack12.1.tgz
93e4c5e23fa6efc9a5c222da5edac3ba  xorg-server-xvfb-1.4.2-i486-2_slack12.1.tgz

Slackware 12.2 packages:
bcd28e761bb4adbf24dec715c49d297b  xorg-server-1.4.2-i486-2_slack12.2.tgz
25723efc09e09d915ebb36e1205d70b1  xorg-server-xnest-1.4.2-i486-2_slack12.2.tgz
d1c5206344d115c19f4349faa92a02a1  xorg-server-xvfb-1.4.2-i486-2_slack12.2.tgz

Slackware 13.0 packages:
dc4780c806670dd2b1bbf849f1de135a  xorg-server-1.6.3-i486-2_slack13.0.txz
3d7ecec9719e890d76f773f284dfe339  xorg-server-xephyr-1.6.3-i486-2_slack13.0.txz
67bd1e1772b5b56a3437b328a25b32d1  xorg-server-xnest-1.6.3-i486-2_slack13.0.txz
d6f8fd0392ded6db5d8a8a38a21aa0bd  xorg-server-xvfb-1.6.3-i486-2_slack13.0.txz

Slackware x86_64 13.0 packages:
dcba378af605ce9215b59f1c9b695765  xorg-server-1.6.3-x86_64-2_slack13.0.txz
471d08f7e17f1b00a27801d53ca7ac0e  xorg-server-xephyr-1.6.3-x86_64-2_slack13.0.txz
1ab068bc4ae868eb8474a37cae643c3f  xorg-server-xnest-1.6.3-x86_64-2_slack13.0.txz
ce6fff885eaeb0bacffed8de5bff696f  xorg-server-xvfb-1.6.3-x86_64-2_slack13.0.txz

Slackware 13.1 packages:
ea462ea066e90341443e135a34cc74e7  xorg-server-1.7.7-i486-2_slack13.1.txz
dd01a6d98fed4d0135aef3ba4434d713  xorg-server-xephyr-1.7.7-i486-2_slack13.1.txz
4650b8a0248c225172367c3a49c2b8ea  xorg-server-xnest-1.7.7-i486-2_slack13.1.txz
b28c1a2118f9e68c44e794d85d214c4b  xorg-server-xvfb-1.7.7-i486-2_slack13.1.txz

Slackware x86_64 13.1 packages:
5a94d24124740a99e4961c2511f40ae4  xorg-server-1.7.7-x86_64-2_slack13.1.txz
de80c9498875b726f46612f344223b98  xorg-server-xephyr-1.7.7-x86_64-2_slack13.1.txz
47c55a47f8c0d3fef964984cf35d7327  xorg-server-xnest-1.7.7-x86_64-2_slack13.1.txz
838b0c430f248e8f4db8ab7b2a310f90  xorg-server-xvfb-1.7.7-x86_64-2_slack13.1.txz

Slackware -current packages:
5d47df75439e8be839648d62dff8a067  x/xorg-server-1.7.7-i486-2.txz
5567692e94ab8d77e78a947aa6761dce  x/xorg-server-xephyr-1.7.7-i486-2.txz
0c3112b8b3de5dfa5546c4808b0fd1ab  x/xorg-server-xnest-1.7.7-i486-2.txz
c227768380dbfcf6e10e252b0ed63559  x/xorg-server-xvfb-1.7.7-i486-2.txz

Slackware x86_64 -current packages:
fd708c0e164edf215ed3c26f2ee37721  x/xorg-server-1.7.7-x86_64-2.txz
eab6cd91332a734466fd1b8f295d5842  x/xorg-server-xephyr-1.7.7-x86_64-2.txz
eac24a47e7906236c6cb4971a24f61d9  x/xorg-server-xnest-1.7.7-x86_64-2.txz
c9c3d50532fd43cabee7bfbea1cce0e1  x/xorg-server-xvfb-1.7.7-x86_64-2.txz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg xorg-server-*z


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Google Removes SSLv3 Fallback Support From Chrome
Hacker Lexicon: What Is End-to-End Encryption?
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.