Back to xorg-server PTS page

Accepted xorg-server 2:1.19.3-2 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted xorg-server 2:1.19.3-2 (source) into unstable
From: Julien Cristau <jcristau@debian.org>
Date: Fri, 07 Jul 2017 06:04:14 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1dTMNC-000GM4-8m@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 07 Jul 2017 07:31:11 +0200
Source: xorg-server
Binary: xserver-xorg-core xserver-xorg-core-udeb xserver-xorg-dev xdmx xdmx-tools xnest xvfb xserver-xephyr xserver-common xorg-server-source xwayland xserver-xorg-legacy
Architecture: source
Version: 2:1.19.3-2
Distribution: unstable
Urgency: high
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
Description:
 xdmx       - distributed multihead X server
 xdmx-tools - Distributed Multihead X tools
 xnest      - Nested X server
 xorg-server-source - Xorg X server - source files
 xserver-common - common files used by various X servers
 xserver-xephyr - nested X server
 xserver-xorg-core - Xorg X server - core server
 xserver-xorg-core-udeb - Xorg X server - core server (udeb)
 xserver-xorg-dev - Xorg X server - development files
 xserver-xorg-legacy - setuid root Xorg server wrapper
 xvfb       - Virtual Framebuffer 'fake' X server
 xwayland   - Xwayland X server
Closes: 867492
Changes:
 xorg-server (2:1.19.3-2) unstable; urgency=high
 .
   * CVE-2017-10972: information leak out of the X server due to an
     uninitialized stack area when swapping:
     - Xi: Zero target buffer in SProcXSendExtensionEvent
   * CVE-2017-10971: stack overflow due to missing GenericEvent handling in
     XSendEvent:
     - dix: Disallow GenericEvent in SendEvent request
     - Xi: Verify all events in ProcXSendExtensionEvent
     - Xi: Do not try to swap GenericEvent
   * With both those fixes, this closes: #867492
Checksums-Sha1:
 7e66cc3ec78d67e7776e44db1505d7f7d90bbeb8 4815 xorg-server_1.19.3-2.dsc
 bc90bf9b9bef5e1583c53dd72fd39f062c5404f7 139662 xorg-server_1.19.3-2.diff.gz
Checksums-Sha256:
 b12e94496dd2cb00d75170be13276dd29361ef8f9dd5f4b918db636476355e63 4815 xorg-server_1.19.3-2.dsc
 743dca1680e454b2e166fdd2a5e36ca09145bbbd939503b791c74914eeb4603f 139662 xorg-server_1.19.3-2.diff.gz
Files:
 9b309c48911de10dab1277c4871e237d 4815 x11 optional xorg-server_1.19.3-2.dsc
 06ac8bd9d48e85ed53c7d75b9ee171ae 139662 x11 optional xorg-server_1.19.3-2.diff.gz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEVXgdqzTmGgnvuIvhnbAjVVb4z60FAllfIGsACgkQnbAjVVb4
z62unA/+LTHG7yNpJsWqmqv0bMJJnCZqJTt3AAgvqOjQ5EavBFwTt6DDt/Bk1tcx
WF7xueOLJ51hWxQyw45l8IH/zFa6f/9y+B8Hygm21XJ7a+Fub3Me8I3fUQKVMny9
z4r6IyqqMeFAG0TCJzMKP6tvPcyeKK0QQspqJDvXGfRb09grOuyrzHdIQ5yazYtW
yPwO8fXkK5q4IXwcpQ5rUwobQg5k9PRVoZcjvfOn34TC1O2X64nn3ko25mdNsT1Y
o5AVhvU7MVRArL8yX46e0z/MJ7R1B3Gem6J5kMUvI2QTY1xhU9zl6tRuAqA8Y1SY
EC0H6Mt3ylvMdFHBHkqNCtWo63C/atiVTVv4IFvqJBn6Q71mePDpmwyltbGXkxel
sEEoD/AWYmvTIjPC55wRCPaPvNz12wveQrU12f82uK/U6+5QXcdSfDrK6yHS1JyM
LjypoKgTSFS4AKxDGaH+pyAvBnxEzaiWA7ZjTprVy+JlmAd+OvS6lwxJ8lUy6nri
sJ+vUEeFU1ejIElUKZAC5hFRzZrTt5bJREuFwhX8OLpxmB49ol+Leg7DWy5v+xfZ
Go6qu5aH1M/Lt0ps9eVChx6iZEIOtXcAc/kNDIZZDtSJBrHil0gBX9Etrew+6/rl
rbN16pzImy2tlPbqz+Easwbz+Jy7LR2ABz5YOQ5OKUICqcpN11w=
=FdgX
-----END PGP SIGNATURE-----