Security update for xorg-x11-server

SUSE Security Update: Security update for xorg-x11-server
Announcement ID: SUSE-SU-2014:0744-1
Rating: moderate
References: #813178 #813683 #814653 #816813 #843652 #853846
Affected Products:
  • SUSE Linux Enterprise Server 11 SP1 LTSS

  • An update that solves three vulnerabilities and has three fixes is now available.


    This is a SLES 11 SP1 LTSS rollup update for the X.Org Server package.

    The following security issues have been fixed:

    * CVE-2013-6424: Integer underflow in the xTrapezoidValid macro in
    render/picture.h in X.Org allowed context-dependent attackers to
    cause a denial of service (crash) via a negative bottom value.
    * CVE-2013-4396: Use-after-free vulnerability in the doImageText
    function in dix/dixfonts.c in the xorg-server module before 1.14.4
    in X.Org X11 allowed remote authenticated users to cause a denial of
    service (daemon crash) or possibly execute arbitrary code via a
    crafted ImageText request that triggers memory-allocation failure.
    * CVE-2013-1940: X.Org X server did not properly restrict access to
    input events when adding a new hot-plug device, which might have
    allowed physically proximate attackers to obtain sensitive
    information, as demonstrated by reading passwords from a tty.

    The following non-security issues have been fixed:

    * rfbAuthReenable is accessing rfbClient structure that was in most
    cases already freed. It actually needs only ScreenPtr, so pass it
    directly. (bnc#816813)
    * Memory leaks in ARGB cursor handling. (bnc#813178, bnc#813683)

    Security Issues:

    * CVE-2013-1940

    * CVE-2013-4396

    * CVE-2013-6424

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Server 11 SP1 LTSS:
      zypper in -t patch slessp1-xorg-x11-Xvnc-9126

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64):
      • xorg-x11-Xvnc-7.4-
      • xorg-x11-server-7.4-
      • xorg-x11-server-extra-7.4-