SUSE-SU-2017:3047-1 -- SLES xorg-x11-serverID: oval:org.secpod.oval:def:89044915 | Date: (C)2021-07-20 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for xorg-x11-server fixes several issues. These security issues were fixed: - CVE-2017-13721: Missing validation of shmseg resource id in Xext/XShm could lead to shared memory segments of other users beeing freed - CVE-2017-13723: A local denial of service via unusual characters in XkbAtomText and XkbStringText was fixed - CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: Fixed unvalidated lengths in multiple extensions - CVE-2017-12183: Fixed some unvalidated lengths in the XFIXES extension. - CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: Fixed various unvalidated lengths in the XFree86-VidMode/XFree86-DGA/XFree86-DRI extensions - CVE-2017-12179: Fixed an integer overflow and unvalidated length in ProcXIBarrierReleasePointer in Xi - CVE-2017-12178: Fixed a wrong extra length check in ProcXIChangeHierarchy in Xi - CVE-2017-12177: Fixed an unvalidated variable-length request in ProcDbeGetVisualInfo - CVE-2017-12176: Fixed an unvalidated extra length in ProcEstablishConnection These non-security issues were fixed: - Make colormap/gamma glue code work with the RandR extension disabled. This prevents it from crashing and showing wrong colors. - Recognize ssh as a remote client to fix launching applications remotely when using DRI3
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |