openSUSE-SU-2012:0227-1 -- Suse xorg-x11-serverID: oval:org.secpod.oval:def:400367 | Date: (C)2012-12-31 (M)2022-09-21 |
Class: PATCH | Family: unix |
The X server had two security issues and one bug that is fixed by this update. CVE-2011-4028: It is possible for a local attacker to deduce if a file exists or not by exploiting the way that Xorg creates its lock files. CVE-2011-4029: It is possible for a non-root local user to set the read permission for all users on any file or directory. Special Instructions and Notes: Please reboot the system after installing this update.This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application.