Back to xorg-server PTS page

Accepted xorg-server 2:1.16.4-1+deb8u2 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted xorg-server 2:1.16.4-1+deb8u2 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
From: Julien Cristau <jcristau@debian.org>
Date: Thu, 19 Oct 2017 19:47:42 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1e5Gn8-000AiC-4F@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 14 Oct 2017 12:35:36 +0200
Source: xorg-server
Binary: xserver-xorg-core xserver-xorg-core-udeb xserver-xorg-dev xdmx xdmx-tools xnest xvfb xserver-xephyr xserver-xorg-core-dbg xserver-common xorg-server-source xwayland
Architecture: source all amd64
Version: 2:1.16.4-1+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
Description:
 xdmx       - distributed multihead X server
 xdmx-tools - Distributed Multihead X tools
 xnest      - Nested X server
 xorg-server-source - Xorg X server - source files
 xserver-common - common files used by various X servers
 xserver-xephyr - nested X server
 xserver-xorg-core - Xorg X server - core server
 xserver-xorg-core-dbg - Xorg - the X.Org X server (debugging symbols)
 xserver-xorg-core-udeb - Xorg X server - core server (udeb)
 xserver-xorg-dev - Xorg X server - development files
 xvfb       - Virtual Framebuffer 'fake' X server
 xwayland   - Xwayland X server
Changes:
 xorg-server (2:1.16.4-1+deb8u2) jessie-security; urgency=high
 .
   * render: Fix out of boundary heap access
   * Xext/shm: Validate shmseg resource id (CVE-2017-13721)
   * xkb: Escape non-printable characters correctly.
   * xkb: Handle xkb formated string output safely (CVE-2017-13723)
   * os: Make sure big requests have sufficient length.
   * Unvalidated lengths in
     - XFree86-VidModeExtension (CVE-2017-12180)
     - XFree86-DGA (CVE-2017-12181)
     - XFree86-DRI (CVE-2017-12182)
     - XFIXES (CVE-2017-12183)
     - XINERAMA (CVE-2017-12184)
     - MIT-SCREEN-SAVER (CVE-2017-12185)
     - X-Resource (CVE-2017-12186)
     - RENDER (CVE-2017-12187)
   * Xi: Test exact size of XIBarrierReleasePointer
   * Xi: integer overflow and unvalidated length in
     (S)ProcXIBarrierReleasePointer (CVE-2017-12179)
   * Xi: Silence some tautological warnings
   * Xi: fix wrong extra length check in ProcXIChangeHierarchy (CVE-2017-12178)
   * dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo (CVE-2017-12177)
   * Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176)
   * Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES (CVE-2017-2624)
   * Xwayland: enable access control and default to just the local user (CVE-2015-3164)
Checksums-Sha1:
 0b006c808f3d92b4b932ac18bad8e9772865aeaf 4712 xorg-server_1.16.4-1+deb8u2.dsc
 aa31515f649baa8037e74c0f1eac22454613aa01 115060 xorg-server_1.16.4-1+deb8u2.diff.gz
 a8ed59f445c6070bcc21f8dbdd2482a82fa62d99 1758568 xserver-common_1.16.4-1+deb8u2_all.deb
 bab0515535c0f849224fbe5979f79f2c6b4b4d23 6463038 xorg-server-source_1.16.4-1+deb8u2_all.deb
 83bea9f4568e7973d6214e0237dee635b138812c 3085092 xserver-xorg-core_1.16.4-1+deb8u2_amd64.deb
 a2da3c83476b86a46f356a622f4f2469fd7109fb 915288 xserver-xorg-core-udeb_1.16.4-1+deb8u2_amd64.udeb
 6da04f42902d6bb9d06d79986ec7d774c584e12f 1941136 xserver-xorg-dev_1.16.4-1+deb8u2_amd64.deb
 9cf2b6c7387990947ea31f3398956590f1e291dd 2494358 xdmx_1.16.4-1+deb8u2_amd64.deb
 30e836fd428ae863909568970caa0373165030e6 1786830 xdmx-tools_1.16.4-1+deb8u2_amd64.deb
 cc92e21badcb3c9c1631c551d34a6dba635478f8 2349046 xnest_1.16.4-1+deb8u2_amd64.deb
 58f9e6b7f10567965701cbe6839f5031590892ff 2499034 xvfb_1.16.4-1+deb8u2_amd64.deb
 8da02b9dfabbe7b16a2853d8db9c9e5d52979d18 2664164 xserver-xephyr_1.16.4-1+deb8u2_amd64.deb
 0214084212f89c9f85b9b5b1ae05185584d458d9 5626280 xserver-xorg-core-dbg_1.16.4-1+deb8u2_amd64.deb
 075bfbbb9f45d6a20bb99115bd1ce3e2f0f48566 2586312 xwayland_1.16.4-1+deb8u2_amd64.deb
Checksums-Sha256:
 11ae2a83dcc3b1ccedfe7959224a519a1aa82b552e21443d0efee011bc9287d6 4712 xorg-server_1.16.4-1+deb8u2.dsc
 0be014df3125d9234aadf31ca38c12daccec0004c6a112e537ed9d952190ca87 115060 xorg-server_1.16.4-1+deb8u2.diff.gz
 c110a3a6d2c7bea4ba516918eeb319e2b8b463f7053b0f9b981cd6fc951dcf24 1758568 xserver-common_1.16.4-1+deb8u2_all.deb
 33f07b46b54ef61b65e6d06fbb912d3a2b2e62caa6fea706619bda8a723d904f 6463038 xorg-server-source_1.16.4-1+deb8u2_all.deb
 1809bcf1edafa6369c92c481b2b7bd862ac17b722b67e7196ba8c88c51d25243 3085092 xserver-xorg-core_1.16.4-1+deb8u2_amd64.deb
 28c3f2279b1f1c82f47f9e0579b5bdfb590a18e45240b69479f38930a9c58c66 915288 xserver-xorg-core-udeb_1.16.4-1+deb8u2_amd64.udeb
 4e32c5124a1b23040d2fa0efa2be8dc5eb4fb5ede0033aa566fa65db10be6538 1941136 xserver-xorg-dev_1.16.4-1+deb8u2_amd64.deb
 e6d87188dc125d308f02f95f6e5aeb775af9147868b7b116293f1ea983cf8d9e 2494358 xdmx_1.16.4-1+deb8u2_amd64.deb
 3cf29cf7c16686a713d8372a86f261f81dd75a67655d950a64ad4e5e37395cb0 1786830 xdmx-tools_1.16.4-1+deb8u2_amd64.deb
 4af46078f6e0072f0c8010b2a51b3e658204d13e7d5f7b7a32af0931133b2858 2349046 xnest_1.16.4-1+deb8u2_amd64.deb
 303295857685310f5e73facae0999f2e9d09bf65cc862358a327ea4e00a73a2c 2499034 xvfb_1.16.4-1+deb8u2_amd64.deb
 af7967d8a610fa7c0e8b7b4026c594358b0aa93f342fbd50bcbe22fc63098f0a 2664164 xserver-xephyr_1.16.4-1+deb8u2_amd64.deb
 03c06cd414fa2484730d94dbcf7ba3825b9000411ae1ad8a542430588d517133 5626280 xserver-xorg-core-dbg_1.16.4-1+deb8u2_amd64.deb
 3b447b716c011291cc406c91cb8ef8e41653caafc9a36cd0b210e6f24df50c2c 2586312 xwayland_1.16.4-1+deb8u2_amd64.deb
Files:
 85654c412c0d9997a487f1a5f5527540 4712 x11 optional xorg-server_1.16.4-1+deb8u2.dsc
 f182b5f87dcaeac0b74cb77c326d48dc 115060 x11 optional xorg-server_1.16.4-1+deb8u2.diff.gz
 4bf0f59fb75b18ffae99a693d4ca7363 1758568 x11 optional xserver-common_1.16.4-1+deb8u2_all.deb
 1c10852c646b971482c7fbbf1843824b 6463038 x11 optional xorg-server-source_1.16.4-1+deb8u2_all.deb
 224c7f147a3f0b73f08f83e5e032d719 3085092 x11 optional xserver-xorg-core_1.16.4-1+deb8u2_amd64.deb
 da6113b78cd382d604c709dd5b350a7c 915288 debian-installer optional xserver-xorg-core-udeb_1.16.4-1+deb8u2_amd64.udeb
 d0dfdf621554a680473614e2c09b7d15 1941136 x11 optional xserver-xorg-dev_1.16.4-1+deb8u2_amd64.deb
 fec52e409c92de2f21547eee826e8732 2494358 x11 optional xdmx_1.16.4-1+deb8u2_amd64.deb
 a6274766e82b3ee32b38646efa474b03 1786830 x11 optional xdmx-tools_1.16.4-1+deb8u2_amd64.deb
 5389524f2589ea269b72e5fabfbbd53f 2349046 x11 optional xnest_1.16.4-1+deb8u2_amd64.deb
 c457fd7fc0b306937af66cfe659c62e2 2499034 x11 optional xvfb_1.16.4-1+deb8u2_amd64.deb
 68e17893b328a5ee8fc970830b05eb9d 2664164 x11 optional xserver-xephyr_1.16.4-1+deb8u2_amd64.deb
 04cfc455c5a8f65773453f96c93d357f 5626280 debug extra xserver-xorg-core-dbg_1.16.4-1+deb8u2_amd64.deb
 ce3bae236cb3be70fde398333c1f30be 2586312 x11 optional xwayland_1.16.4-1+deb8u2_amd64.deb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEVXgdqzTmGgnvuIvhnbAjVVb4z60FAlnh9pwACgkQnbAjVVb4
z62Y8RAAiyY2pEPkOAhtx8nEza44+iw7xaR79aeRVhjfinsL1Z+zDyF1LD8V86sm
CYGvJWlAOG4YDfIXf6cu+UV5GtCyi1O7FTH695H1t2RDh8/OtYVuHizyDA743/hV
qDF2uSGKoOA7giwg2UdXG9tW7Mqt1kUSTLCqQasmEwwJXNCcMn9obmVEQIY5G/9b
KH7JZryL4N07zY5QyMxBP/rvIVfr6HG07pck8Etfe07n23oBK3sWPPPuSoczlHNP
FSCWljvC2JeBSWe2LnhDfNLhrDCLq28fSsSszc3f5pLqbHaUR4GIONVB9o0jCNeM
qhXVXbzKfrzWAwr1yQdgSfybwNfV5y+jF4DkyYrSGXVB8ZZJCeE08jW1fCRSJd6n
8VL1OkeLovSyPtzKn6StJ46N9qWcv06tntGvzkNLBZjecAuXVPJ1z/g/I74aaZ4P
biWRz1pwD9WLxYFWJxA2x5Q74EALh0nnfoQFuIPwWp6VmzW5qk8E84f3xeBUHZ1x
Mj3ym50J85JvxNKaLHYoq65LOeFmPEtxnsiDm1Ib5zVoPEHjdOm4+f6ohvNPtPJU
zDcq2XyboKJ9ZWS1LTYbIIoqarwB7FpRjSny0JI/lD0ts2pgS0FJL80N2fLTa61Y
nyAAVS6UpN2Sb2HJJsm6W20nwCej3OV3wUW9HXVXMde2eWaKFes=
=dTTn
-----END PGP SIGNATURE-----