Back to xorg-server PTS page

Accepted xorg-server 2:1.19.2-1+deb9u2 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted xorg-server 2:1.19.2-1+deb9u2 (source) into proposed-updates->stable-new, proposed-updates
From: Julien Cristau <jcristau@debian.org>
Date: Thu, 19 Oct 2017 17:32:58 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1e5Egk-000ATs-Qe@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 14 Oct 2017 13:36:12 +0200
Source: xorg-server
Binary: xserver-xorg-core xserver-xorg-core-udeb xserver-xorg-dev xdmx xdmx-tools xnest xvfb xserver-xephyr xserver-common xorg-server-source xwayland xserver-xorg-legacy
Architecture: source
Version: 2:1.19.2-1+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
Description:
 xdmx       - distributed multihead X server
 xdmx-tools - Distributed Multihead X tools
 xnest      - Nested X server
 xorg-server-source - Xorg X server - source files
 xserver-common - common files used by various X servers
 xserver-xephyr - nested X server
 xserver-xorg-core - Xorg X server - core server
 xserver-xorg-core-udeb - Xorg X server - core server (udeb)
 xserver-xorg-dev - Xorg X server - development files
 xserver-xorg-legacy - setuid root Xorg server wrapper
 xvfb       - Virtual Framebuffer 'fake' X server
 xwayland   - Xwayland X server
Changes:
 xorg-server (2:1.19.2-1+deb9u2) stretch-security; urgency=high
 .
   * Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176)
   * dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo
     (CVE-2017-12177)
   * Xi: fix wrong extra length check in ProcXIChangeHierarchy (CVE-2017-12178)
   * Xi: integer overflow and unvalidated length in
     (S)ProcXIBarrierReleasePointer (CVE-2017-12179)
   * Unvalidated lengths in
     - XFree86-VidModeExtension (CVE-2017-12180)
     - XFree86-DGA (CVE-2017-12181)
     - XFree86-DRI (CVE-2017-12182)
     - XFIXES (CVE-2017-12183)
     - XINERAMA (CVE-2017-12184
     - MIT-SCREEN-SAVER (CVE-2017-12185
     - X-Resource (CVE-2017-12186
     - RENDER (CVE-2017-12187)
   * os: Make sure big requests have sufficient length.
   * Xext/shm: Validate shmseg resource id (CVE-2017-13721)
   * xkb: Handle xkb formated string output safely (CVE-2017-13723)
   * xkb: Escape non-printable characters correctly.
   * render: Fix out of boundary heap access
Checksums-Sha1:
 ea1c920515730a6c90dc16c21174b8fb83246c08 4843 xorg-server_1.19.2-1+deb9u2.dsc
 c352c5a16c4ff5e8840a5bb638f5c9d04b6eec92 146613 xorg-server_1.19.2-1+deb9u2.diff.gz
Checksums-Sha256:
 1a12ad229b331a915b619c3f9efc5f73a60267c753ade0df1d7e2505598249a0 4843 xorg-server_1.19.2-1+deb9u2.dsc
 75c8eb9f8ca229e024d41803ba145c563474eae12f0a7672c20e55d607cb233d 146613 xorg-server_1.19.2-1+deb9u2.diff.gz
Files:
 0ade69fde723a572b24eb707199087fa 4843 x11 optional xorg-server_1.19.2-1+deb9u2.dsc
 facde1eb6be2a640e313194b803a6b31 146613 x11 optional xorg-server_1.19.2-1+deb9u2.diff.gz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEVXgdqzTmGgnvuIvhnbAjVVb4z60FAlnkYVsACgkQnbAjVVb4
z624qw//XDceshCyZY6XyGuMHpFpnGMeGNsZKlFU60Chw/vAGtGEnOauCmomovQZ
PMI+aiG4mWMNbVUaj883tgX78c28X3+CjYu1XZ9E3GZ23bv4ir4Nd72oGVMeT9Ct
wSql99ToRz3qjZcqcfr9cokvVmWXPJArZF5rOvyfVbTzxUj+oviHfDqBjyE08uhO
ErjgZvXbzeJxbG3tOVxHJXiz6ntFaVskXZVxK8yBLdeWQMa3UB/d5iT4ANxGL1Ng
MqEeJl98U2yWzsSKLnH8CDOBqtlgveBW+lrAKd2vSo1Itl17vj6vo4ObYSTcSF19
TVtbhGjv+QQlKT7nUvQbvD+6jDhdF+NYhFsIa7EVvmGDeroqcehvA4myijI495qj
OD3QjhfAt0Z5NXGwznMCoHBmqYmHK0j0MSZLVQaF4+naIuUcHvpfmyNA+bVeFVdo
0t8DzGlVWo0TiBP7cxq2QgIY8N06ldl5pgDwABwIhytH6xVt8vNDn21zoG2n4PVT
beOTHPK1DY+6rzxYlIJkhIy+E6uqzbSp/aU1HVRPAPHp7J8jMBXznWjrNvi/dG5g
7VTauE5WwggUcvqz/sk+OAu3WYIV9v6Ysj7enIl/T/eQ33oPWiI6+bL3WxjJsBrn
OhpJ7wVhhwlkbQEQU6TsiGJd9iccRkaR+jAbUfbOKlWRhOK3WHo=
=JH5V
-----END PGP SIGNATURE-----