
View full version: USN-616-1: X.org vulnerabilities



RSSfeed
2008-06-13, 08:36
Referenced CVEs: CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362

Description:

===========================================================
Ubuntu Security Notice USN-616-1              June 13, 2008
xorg-server vulnerabilities
CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361,
CVE-2008-2362
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  xserver-xorg-core 1:1.0.2-0ubuntu10.13

Ubuntu 7.04:
  xserver-xorg-core 2:1.2.0-3ubuntu8.4

Ubuntu 7.10:
  xserver-xorg-core 2:1.3.0.0.dfsg-12ubuntu8.4

Ubuntu 8.04 LTS:
  xserver-xorg-core 2:1.4.1~git20080131-1ubuntu9.2

After a standard system upgrade you need to restart your session to effect
the necessary changes.

Details follow:

Multiple flaws were found in the RENDER, RECORD, and Security
extensions of X.org which did not correctly validate function arguments.
An authenticated attacker could send specially crafted requests and gain
root privileges or crash X. (CVE-2008-1377, CVE-2008-2360, CVE-2008-2361,
CVE-2008-2362)

It was discovered that the MIT-SHM extension of X.org did not correctly
validate the location of memory during an image copy. An authenticated
attacker could exploit this to read arbitrary memory locations within X,
exposing sensitive information. (CVE-2008-1379)

More... (http://www.ubuntu.com/usn/usn-616-1)