xorg-x11-server-1.1.1-48.107.0.1.AXS3

Errata ID: AXSA:2014-839:02

Release date: 
Tuesday, December 16, 2014 - 10:50
Subject: 
xorg-x11-server-1.1.1-48.107.0.1.AXS3
Affected Channels: 
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity: 
High
Description: 

X.Org X11 X server

Security issues fixed with this release:

CVE-2014-8091
X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a crafted connection request.

CVE-2014-8092
Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write.

CVE-2014-8093
Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) __glXDisp_ReadPixels, (2) __glXDispSwap_ReadPixels, (3) __glXDisp_GetTexImage, (4) __glXDispSwap_GetTexImage, (5) GetSeparableFilter, (6) GetConvolutionFilter, (7) GetHistogram, (8) GetMinmax, (9) GetColorTable, (10) __glXGetAnswerBuffer, (11) __GLX_GET_ANSWER_BUFFER, (12) __glXMap1dReqSize, (13) __glXMap1fReqSize, (14) Map2Size, (15) __glXMap2dReqSize, (16) __glXMap2fReqSize, (17) __glXImageSize, or (18) __glXSeparableFilter2DReqSize function, which triggers an out-of-bounds read or write.

CVE-2014-8095
The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXChangeDeviceControl, (2) ProcXChangeDeviceControl, (3) ProcXChangeFeedbackControl, (4) ProcXSendExtensionEvent, (5) SProcXIAllowEvents, (6) SProcXIChangeCursor, (7) ProcXIChangeHierarchy, (8) SProcXIGetClientPointer, (9) SProcXIGrabDevice, (10) SProcXIUngrabDevice, (11) ProcXIUngrabDevice, (12) SProcXIPassiveGrabDevice, (13) ProcXIPassiveGrabDevice, (14) SProcXIPassiveUngrabDevice, (15) ProcXIPassiveUngrabDevice, (16) SProcXListDeviceProperties, (17) SProcXDeleteDeviceProperty, (18) SProcXIListProperties, (19) SProcXIDeleteProperty, (20) SProcXIGetProperty, (21) SProcXIQueryDevice, (22) SProcXIQueryPointer, (23) SProcXISelectEvents, (24) SProcXISetClientPointer, (25) SProcXISetFocus, (26) SProcXIGetFocus, or (27) SProcXIWarpPointer function.

CVE-2014-8096
The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value.

CVE-2014-8097
The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcDbeSwapBuffers or (2) SProcDbeSwapBuffers function.

CVE-2014-8098
The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) __glXDisp_Render, (2) __glXDisp_RenderLarge, (3) __glXDispSwap_VendorPrivate, (4) __glXDispSwap_VendorPrivateWithReply, (5) set_client_info, (6) __glXDispSwap_SetClientInfoARB, (7) DoSwapInterval, (8) DoGetProgramString, (9) DoGetString, (10) __glXDispSwap_RenderMode, (11) __glXDisp_GetCompressedTexImage, (12) __glXDispSwap_GetCompressedTexImage, (13) __glXDisp_FeedbackBuffer, (14) __glXDispSwap_FeedbackBuffer, (15) __glXDisp_SelectBuffer, (16) __glXDispSwap_SelectBuffer, (17) __glXDisp_Flush, (18) __glXDispSwap_Flush, (19) __glXDisp_Finish, (20) __glXDispSwap_Finish, (21) __glXDisp_ReadPixels, (22) __glXDispSwap_ReadPixels, (23) __glXDisp_GetTexImage, (24) __glXDispSwap_GetTexImage, (25) __glXDisp_GetPolygonStipple, (26) __glXDispSwap_GetPolygonStipple, (27) __glXDisp_GetSeparableFilter, (28) __glXDisp_GetSeparableFilterEXT, (29) __glXDisp_GetConvolutionFilter, (30) __glXDisp_GetConvolutionFilterEXT, (31) __glXDisp_GetHistogram, (32) __glXDisp_GetHistogramEXT, (33) __glXDisp_GetMinmax, (34) __glXDisp_GetMinmaxEXT, (35) __glXDisp_GetColorTable, (36) __glXDisp_GetColorTableSGI, (37) GetSeparableFilter, (38) GetConvolutionFilter, (39) GetHistogram, (40) GetMinmax, or (41) GetColorTable function.

CVE-2014-8099
The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXvQueryExtension, (2) SProcXvQueryAdaptors, (3) SProcXvQueryEncodings, (4) SProcXvGrabPort, (5) SProcXvUngrabPort, (6) SProcXvPutVideo, (7) SProcXvPutStill, (8) SProcXvGetVideo, (9) SProcXvGetStill, (10) SProcXvPutImage, (11) SProcXvShmPutImage, (12) SProcXvSelectVideoNotify, (13) SProcXvSelectPortNotify, (14) SProcXvStopVideo, (15) SProcXvSetPortAttribute, (16) SProcXvGetPortAttribute, (17) SProcXvQueryBestSize, (18) SProcXvQueryPortAttributes, (19) SProcXvQueryImageAttributes, or (20) SProcXvListImageFormats function.

CVE-2014-8100
The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcRenderQueryVersion, (2) SProcRenderQueryVersion, (3) SProcRenderQueryPictFormats, (4) SProcRenderQueryPictIndexValues, (5) SProcRenderCreatePicture, (6) SProcRenderChangePicture, (7) SProcRenderSetPictureClipRectangles, (8) SProcRenderFreePicture, (9) SProcRenderComposite, (10) SProcRenderScale, (11) SProcRenderCreateGlyphSet, (12) SProcRenderReferenceGlyphSet, (13) SProcRenderFreeGlyphSet, (14) SProcRenderFreeGlyphs, or (15) SProcRenderCompositeGlyphs function.

CVE-2014-8101
The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcRRQueryVersion, (2) SProcRRGetScreenInfo, (3) SProcRRSelectInput, or (4) SProcRRConfigureOutputProperty function.

CVE-2014-8102
The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length value.
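
The integer-overflow pattern described under CVE-2014-8092, and the length validation whose absence the "crafted length or index value" entries describe, shown as an added illustration that is not X.Org code. The wire format, constants and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical wire format (not an X11 request): 4-byte header followed by
 * `count` records of REC_SIZE bytes; req_len = bytes actually received. */
#define HDR_SIZE 4u
#define REC_SIZE 16u

/* Unchecked: the 32-bit multiplication can wrap, so a huge count yields a
 * small `need` and the request passes the length test. */
int length_ok_unchecked(uint32_t req_len, uint32_t count)
{
    uint32_t need = HDR_SIZE + count * REC_SIZE;  /* wraps modulo 2^32 */
    return need <= req_len;
}

/* Checked: bound count by division before any multiplication. */
int length_ok_checked(uint32_t req_len, uint32_t count)
{
    if (req_len < HDR_SIZE)
        return 0;
    return count <= (req_len - HDR_SIZE) / REC_SIZE;
}

/* Copies records only after validation; returns bytes copied or -1. */
long copy_records(uint8_t *dst, size_t dst_cap,
                  const uint8_t *req, uint32_t req_len, uint32_t count)
{
    if (!length_ok_checked(req_len, count))
        return -1;
    size_t n = (size_t)count * REC_SIZE;  /* cannot wrap: count <= req_len/16 */
    if (n > dst_cap)
        return -1;
    for (size_t i = 0; i < n; i++)
        dst[i] = req[HDR_SIZE + i];
    return (long)n;
}

int main(void)
{
    uint8_t req[36] = {0}, out[32];  /* constructed sample request */
    int fooled = length_ok_unchecked(sizeof req, 0x10000000u);
    long ok = copy_records(out, sizeof out, req, sizeof req, 2);
    long rejected = copy_records(out, sizeof out, req, sizeof req, 0x10000000u);
    return !(fooled == 1 && ok == 32 && rejected == -1);
}
```

The division-based bound rejects the oversized count before any size is computed, so the later multiplication and copy operate only on values already proven to fit the received request.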

Solution: 

Update package.

Additional Info: 

N/A

Download: 

SRPMS
  1. xorg-x11-server-1.1.1-48.107.0.1.AXS3.src.rpm
    MD5: 5375059e7094a2518146e4879f84544a
    SHA-256: 5d24bd439d16b9c51a15a7d0b407fcd7ca08b2e48aa1ee833f6ac1040d5c460d
    Size: 6.24 MB

Asianux Server 3 for x86
  1. xorg-x11-server-sdk-1.1.1-48.107.0.1.AXS3.i386.rpm
    MD5: 757fa6e001a83e610060b59e5cbef3a6
    SHA-256: 31d029e24474485860f08083e0062543eeeb60f6c08f324c08233fc2a785971b
    Size: 382.07 kB
  2. xorg-x11-server-Xdmx-1.1.1-48.107.0.1.AXS3.i386.rpm
    MD5: 1caa426a95f722f28e9ece3eb9504510
    SHA-256: c8224224c4321713042dad4dc69863e8957dd926775037f20ea224bef54b1690
    Size: 919.19 kB
  3. xorg-x11-server-Xnest-1.1.1-48.107.0.1.AXS3.i386.rpm
    MD5: 10834e69e855fcd02962a0c2ab2d5b1c
    SHA-256: e824cf1773e48fc37493c89a454d3e7fa2470b92e274e4052339171248afcb0b
    Size: 1.45 MB
  4. xorg-x11-server-Xorg-1.1.1-48.107.0.1.AXS3.i386.rpm
    MD5: 30082dbc5c277415bbeff2693dde4f52
    SHA-256: 4ba6c265e8d6e66dbd5158e0092177193278b9c7dbb16690698f955c0ea5be8c
    Size: 3.26 MB
  5. xorg-x11-server-Xvfb-1.1.1-48.107.0.1.AXS3.i386.rpm
    MD5: 288168a29c4ee1347be206b61a7d9195
    SHA-256: 959b0d456592288e5436d7a258d40b0887ba58cd91f9e57c13234dfd2931149b
    Size: 1.59 MB

Asianux Server 3 for x86_64
  1. xorg-x11-server-sdk-1.1.1-48.107.0.1.AXS3.x86_64.rpm
    MD5: 52d36d17ce456ae0f03b8beaea0514a1
    SHA-256: f107582e007b98fdae291d01676496684a36ebec9c29920551c0dacdc32f0530
    Size: 385.16 kB
  2. xorg-x11-server-Xdmx-1.1.1-48.107.0.1.AXS3.x86_64.rpm
    MD5: b848ebe82470719d803f15e9a22db0d5
    SHA-256: f568a99842d163f2b9266925d31c283827b7d1cdadf97ccda2bf4320cdb67605
    Size: 931.33 kB
  3. xorg-x11-server-Xnest-1.1.1-48.107.0.1.AXS3.x86_64.rpm
    MD5: 5930174063f51ef1891cdd3731340e35
    SHA-256: 208416a90077efbc0297c14a24a883430f85c70c71c471e496cd398c08f8cc83
    Size: 1.43 MB
  4. xorg-x11-server-Xorg-1.1.1-48.107.0.1.AXS3.x86_64.rpm
    MD5: 6d9823479e825dfba7b051c193bfdd40
    SHA-256: 6fa8947be6fddb9571809ec2d7485ca373b56226a2cffb862e4ab42bd7b54c10
    Size: 3.38 MB
  5. xorg-x11-server-Xvfb-1.1.1-48.107.0.1.AXS3.x86_64.rpm
    MD5: 0ea3c62ae84841c21b82f8fd493ef5e8
    SHA-256: 04546e9685cc41dafb4520e1e42ed42fa016b16fb27ee532bba88cd2e1d3d589
    Size: 1.57 MB