Accepted xorg-server 2:1.19.3-2 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 07 Jul 2017 07:31:11 +0200
Source: xorg-server
Binary: xserver-xorg-core xserver-xorg-core-udeb xserver-xorg-dev xdmx xdmx-tools xnest xvfb xserver-xephyr xserver-common xorg-server-source xwayland xserver-xorg-legacy
Architecture: source
Version: 2:1.19.3-2
Distribution: unstable
Urgency: high
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
Description:
xdmx - distributed multihead X server
xdmx-tools - Distributed Multihead X tools
xnest - Nested X server
xorg-server-source - Xorg X server - source files
xserver-common - common files used by various X servers
xserver-xephyr - nested X server
xserver-xorg-core - Xorg X server - core server
xserver-xorg-core-udeb - Xorg X server - core server (udeb)
xserver-xorg-dev - Xorg X server - development files
xserver-xorg-legacy - setuid root Xorg server wrapper
xvfb - Virtual Framebuffer 'fake' X server
xwayland - Xwayland X server
Closes: 867492
Changes:
xorg-server (2:1.19.3-2) unstable; urgency=high
.
* CVE-2017-10972: information leak out of the X server due to an
uninitialized stack area when swapping:
- Xi: Zero target buffer in SProcXSendExtensionEvent
* CVE-2017-10971: stack overflow due to missing GenericEvent handling in
XSendEvent:
- dix: Disallow GenericEvent in SendEvent request
- Xi: Verify all events in ProcXSendExtensionEvent
- Xi: Do not try to swap GenericEvent
* With both those fixes, this closes: #867492
Checksums-Sha1:
7e66cc3ec78d67e7776e44db1505d7f7d90bbeb8 4815 xorg-server_1.19.3-2.dsc
bc90bf9b9bef5e1583c53dd72fd39f062c5404f7 139662 xorg-server_1.19.3-2.diff.gz
Checksums-Sha256:
b12e94496dd2cb00d75170be13276dd29361ef8f9dd5f4b918db636476355e63 4815 xorg-server_1.19.3-2.dsc
743dca1680e454b2e166fdd2a5e36ca09145bbbd939503b791c74914eeb4603f 139662 xorg-server_1.19.3-2.diff.gz
Files:
9b309c48911de10dab1277c4871e237d 4815 x11 optional xorg-server_1.19.3-2.dsc
06ac8bd9d48e85ed53c7d75b9ee171ae 139662 x11 optional xorg-server_1.19.3-2.diff.gz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEVXgdqzTmGgnvuIvhnbAjVVb4z60FAllfIGsACgkQnbAjVVb4
z62unA/+LTHG7yNpJsWqmqv0bMJJnCZqJTt3AAgvqOjQ5EavBFwTt6DDt/Bk1tcx
WF7xueOLJ51hWxQyw45l8IH/zFa6f/9y+B8Hygm21XJ7a+Fub3Me8I3fUQKVMny9
z4r6IyqqMeFAG0TCJzMKP6tvPcyeKK0QQspqJDvXGfRb09grOuyrzHdIQ5yazYtW
yPwO8fXkK5q4IXwcpQ5rUwobQg5k9PRVoZcjvfOn34TC1O2X64nn3ko25mdNsT1Y
o5AVhvU7MVRArL8yX46e0z/MJ7R1B3Gem6J5kMUvI2QTY1xhU9zl6tRuAqA8Y1SY
EC0H6Mt3ylvMdFHBHkqNCtWo63C/atiVTVv4IFvqJBn6Q71mePDpmwyltbGXkxel
sEEoD/AWYmvTIjPC55wRCPaPvNz12wveQrU12f82uK/U6+5QXcdSfDrK6yHS1JyM
LjypoKgTSFS4AKxDGaH+pyAvBnxEzaiWA7ZjTprVy+JlmAd+OvS6lwxJ8lUy6nri
sJ+vUEeFU1ejIElUKZAC5hFRzZrTt5bJREuFwhX8OLpxmB49ol+Leg7DWy5v+xfZ
Go6qu5aH1M/Lt0ps9eVChx6iZEIOtXcAc/kNDIZZDtSJBrHil0gBX9Etrew+6/rl
rbN16pzImy2tlPbqz+Easwbz+Jy7LR2ABz5YOQ5OKUICqcpN11w=
=FdgX
-----END PGP SIGNATURE-----