Debians sikkerhedsbulletin

DSA-1595-1 xorg-server -- flere sårbarheder

Rapporteret den:

11. jun 2008

Berørte pakker:

xorg-server

Sårbar:

Referencer i sikkerhedsdatabaser:

I Mitres CVE-ordbog: CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362.

Yderligere oplysninger:

Flere lokale sårbarheder er opdaget i X Window System. Projektet Common Vulnerabilities and Exposures har fundet frem til følgende problemer:

CVE-2008-1377
Manglende kontrol af parametrene til funktionerne SProcSecurityGenerateAuthorization og SProcRecordCreateContext gjorde det muligt for en særligt fremstillet forespørgsel, at udløse swapning af bytes uden for for parameteret til disse forespørgsler, forårsagende hukommelseskorruption.
CVE-2008-1379
Et heltalsoverløb i valideringen af parametrene til forespørgslen ShmPutImage(), gjorde det muligt at udløse kopiering af vilkårlig serverhukommelses til et pixmap, der efterfølgende kunne læses af klienten, til læsning af vilkårlige dele af X-serverens hukommelsesområde.
CVE-2008-2360
Et heltalsoverløb kunne opstå i beregningen af størrelsen på den glyph, der allokeres af funktionen AllocateGlyph(), hvilket forårsagede at mindre hukommelse end forventet, blev allokeret, senere førende til heapoverløb.
CVE-2008-2361
Et heltalsoverløb kunne opstå i beregningen af størrelsen på den glyph, der allokeres af funktionen ProcRenderCreateCursor(), hvilket forårsagede at mindre hukommelse end forventet, blev allokeret, senere førende til dereferenceret ikke-mappet hukommelse, forårsagende at X-serveren gik ned.
CVE-2008-2362
Heltalsoverløb kunne også optræde i koden, der validerer parametrerne til funktionen SProcRenderCreateLinearGradient, SProcRenderCreateRadialGradient og SProcRenderCreateConicalGradient, førende til hukommelseskorruption ved swapning af bytes uden for de tiltænkte forespørgselsparametre.

I den stabile distribution (etch), er disse problemer rettet i version 2:1.1.1-21etch5.

I den ustabile distribution (sid), er disse problemer rettet i version 2:1.4.1~git20080517-2.

Vi anbefaler at du opgraderer din xorg-server-pakke.

Rettet i:

Debian GNU/Linux 4.0 (etch)

Kildekode:: http://security.debian.org/pool/updates/main/x/xorg-server/xorg-server_1.1.1.orig.tar.gz; http://security.debian.org/pool/updates/main/x/xorg-server/xorg-server_1.1.1-21etch5.diff.gz; http://security.debian.org/pool/updates/main/x/xorg-server/xorg-server_1.1.1-21etch5.dsc
Alpha:: http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_alpha.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_alpha.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_alpha.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_alpha.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_alpha.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_alpha.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_alpha.deb
AMD64:: http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_amd64.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_amd64.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_amd64.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_amd64.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_amd64.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_amd64.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_amd64.deb
ARM:: http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_arm.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_arm.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_arm.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_arm.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_arm.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_arm.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_arm.deb
HP Precision:: http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_hppa.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_hppa.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_hppa.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_hppa.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_hppa.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_hppa.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_hppa.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_i386.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_i386.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_i386.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_i386.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_i386.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_i386.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_ia64.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_ia64.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_ia64.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_ia64.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_ia64.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_ia64.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_ia64.deb
Big-endian MIPS:: http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_mips.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_mips.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_mips.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_mips.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_mips.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_mips.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_mips.deb
Little-endian MIPS:: http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_mipsel.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_mipsel.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_mipsel.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_mipsel.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_mipsel.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_mipsel.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_powerpc.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_powerpc.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_powerpc.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_powerpc.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_powerpc.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_powerpc.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_s390.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_s390.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_s390.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_s390.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_s390.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_s390.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_sparc.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_sparc.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_sparc.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_sparc.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_sparc.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_sparc.deb; http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.