Bug 3590 - [UPDATE REQUEST] [UPSTREAM UPDATE] xorg-x11-server
: [UPDATE REQUEST] [UPSTREAM UPDATE] xorg-x11-server
Status: RESOLVED FIXED
Product: Server Bugs
Classification: ROSA Server
Component: Main Packages
: unspecified
: All Linux
: Normal normal
: ---
Assigned To: Andrew Lukoshko
: ROSA Server Bugs
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-01-13 16:13 MSK by Andrew Lukoshko
Modified: 2014-01-15 17:41 MSK (History)
1 user (show)

See Also:
RPM Package:
ISO-related:
Bad POT generating:
Upstream:
vladimir.potapov: qa_verified+
vladimir.potapov: secteam_verified?


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Lukoshko 2014-01-13 16:13:39 MSK
An integer overflow, which led to a heap-based buffer overflow, was found in the way X.Org server handled trapezoids. A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2013-6424)

https://rhn.redhat.com/errata/RHSA-2013-1868.html

https://abf.rosalinux.ru/build_lists/1513342
https://abf.rosalinux.ru/build_lists/1513343
Comment 1 Vladimir Potapov 2014-01-15 17:41:06 MSK
xorg-x11-server-1.13.0-23.1.res6
************************* RHEL Advisory ******************************
An integer overflow, which led to a heap-based buffer overflow, was found in the way X.Org server handled trapezoids. A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2013-6424)
**********************************************************************
QA Verified