New Search

ELSA-2014-1982 -- xorg-x11-server security update (important)

oval:org.mitre.oval:def:28577

[1.1.1-48.107.0.1.el5_11] - Added oracle-enterprise-detect.patch - Replaced 'Red Hat' in spec file [1.1.1-48.107] - CVE-2014-8091 denial of service due to unchecked malloc in client authentication (#1168680) - CVE-2014-8092 integer overflow in X11 core protocol requests when calculating memory needs for requests (#1168684) - CVE-2014-8097 out of bounds access due to not validating length or offset values in DBE extension (#1168705) - CVE-2014-8095 out of bounds access due to not validating length or offset values in XInput extension (#1168694) - CVE-2014-8096 out of bounds access due to not validating length or offset values in XC-MISC extension(#1168700) - CVE-2014-8099 out of bounds access due to not validating length or offset values in XVideo extension (#1168710) - CVE-2014-8100 out of bounds access due to not validating length or offset values in Render extension (#1168711) - CVE-2014-8102 out of bounds access due to not validating length or offset values in XFixes extension (#1168714) - CVE-2014-8101 out of bounds access due to not validating length or offset values in RandR extension (#1168713) - CVE-2014-8093 xorg-x11-server: integer overflow in GLX extension requests when calculating memory needs for requests (#1168688) - CVE-2014-8098 xorg-x11-server: out of bounds access due to not validating length or offset values in GLX extension (#1168707) [1.1.1-48.104] - xserver-1.1.1-randr-config-timestamps.patch: Backport timestamp comparison fix from upstream RANDR code (#1006076) [1.1.1-48.103] - CVE-2013-6424: Fix OOB in trapezoid rasterization

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 5
Class:
patch
Reference(s):
  • ELSA-2014-1982
  • CVE-2014-8091
  • CVE-2014-8092
  • CVE-2014-8093
  • CVE-2014-8095
  • CVE-2014-8096
  • CVE-2014-8097
  • CVE-2014-8098
  • CVE-2014-8099
  • CVE-2014-8100
  • CVE-2014-8101
  • CVE-2014-8102
Product(s):
  • xorg-x11-server