Security update for xorg-x11
SUSE Security Update: Security update for xorg-x11
This update of xorg-x11 fixes issues that could allow
attackers using GLX opcodes to read access to arbitrary
memory locations (CVE-2010-4818). Additionally, a crash
due to missing bounds checks in the the Glyph Render
protocol have been fixed (CVE-2010-4819).
Access to the X server by the attacker was required to make
this work.
Security Issue references:
* CVE-2010-4819
>
* CVE-2010-4818
>
Announcement ID: | SUSE-SU-2012:0312-1 |
Rating: | low |
References: | #648287 #648290 |
Affected Products: |
An update that fixes two vulnerabilities is now available.
Description:
This update of xorg-x11 fixes issues that could allow
attackers using GLX opcodes to read access to arbitrary
memory locations (CVE-2010-4818). Additionally, a crash
due to missing bounds checks in the the Glyph Render
protocol have been fixed (CVE-2010-4819).
Access to the X server by the attacker was required to make
this work.
Security Issue references:
* CVE-2010-4819
* CVE-2010-4818
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
- xorg-x11-6.9.0-50.78.5
- xorg-x11-Xnest-6.9.0-50.78.5
- xorg-x11-Xvfb-6.9.0-50.78.5
- xorg-x11-Xvnc-6.9.0-50.78.5
- xorg-x11-devel-6.9.0-50.78.5
- xorg-x11-doc-6.9.0-50.78.5
- xorg-x11-fonts-100dpi-6.9.0-50.78.5
- xorg-x11-fonts-75dpi-6.9.0-50.78.5
- xorg-x11-fonts-cyrillic-6.9.0-50.78.5
- xorg-x11-fonts-scalable-6.9.0-50.78.5
- xorg-x11-fonts-syriac-6.9.0-50.78.5
- xorg-x11-libs-6.9.0-50.78.5
- xorg-x11-man-6.9.0-50.78.5
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc x86_64):
- xorg-x11-sdk-6.9.0-50.78.5
- xorg-x11-server-6.9.0-50.78.5
- xorg-x11-server-glx-6.9.0-50.78.5
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
- xorg-x11-devel-32bit-6.9.0-50.78.5
- xorg-x11-libs-32bit-6.9.0-50.78.5
- SUSE Linux Enterprise Server 10 SP4 (ia64):
- xorg-x11-libs-x86-6.9.0-50.78.5
- SUSE Linux Enterprise Server 10 SP4 (ppc):
- xorg-x11-devel-64bit-6.9.0-50.78.5
- xorg-x11-libs-64bit-6.9.0-50.78.5
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
- xorg-x11-6.9.0-50.78.5
- xorg-x11-Xnest-6.9.0-50.78.5
- xorg-x11-Xvfb-6.9.0-50.78.5
- xorg-x11-Xvnc-6.9.0-50.78.5
- xorg-x11-devel-6.9.0-50.78.5
- xorg-x11-fonts-100dpi-6.9.0-50.78.5
- xorg-x11-fonts-75dpi-6.9.0-50.78.5
- xorg-x11-fonts-cyrillic-6.9.0-50.78.5
- xorg-x11-fonts-scalable-6.9.0-50.78.5
- xorg-x11-fonts-syriac-6.9.0-50.78.5
- xorg-x11-libs-6.9.0-50.78.5
- xorg-x11-man-6.9.0-50.78.5
- xorg-x11-server-6.9.0-50.78.5
- xorg-x11-server-glx-6.9.0-50.78.5
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
- xorg-x11-devel-32bit-6.9.0-50.78.5
- xorg-x11-libs-32bit-6.9.0-50.78.5
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
- xorg-x11-Xvfb-6.9.0-50.78.5
- xorg-x11-doc-6.9.0-50.78.5
- SLE SDK 10 SP4 (i586 ia64 ppc x86_64):
- xorg-x11-sdk-6.9.0-50.78.5
References:
- http://support.novell.com/security/cve/CVE-2010-4818.html
- http://support.novell.com/security/cve/CVE-2010-4819.html
- https://bugzilla.novell.com/648287
- https://bugzilla.novell.com/648290
- http://download.suse.com/patch/finder/?keywords=926559701859ebd386944eb1075ad07e