Accepted: xorg-server 2:1.4.1~git20080105-1ubuntu2 (source)

Bryce Harrington bryce at ubuntu.com
Fri Jan 18 01:50:55 GMT 2008 

Accepted:
 OK: xorg-server_1.4.1~git20080105.orig.tar.gz
 OK: xorg-server_1.4.1~git20080105-1ubuntu2.diff.gz
 OK: xorg-server_1.4.1~git20080105-1ubuntu2.dsc
     -> Component: main Section: x11

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 17 Jan 2008 13:57:26 -0800
Source: xorg-server
Binary: xserver-xephyr xserver-xorg-core xvfb xserver-xorg-dev xserver-xorg-core-dbg xnest
Architecture: source
Version: 2:1.4.1~git20080105-1ubuntu2
Distribution: hardy
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Bryce Harrington <bryce at ubuntu.com>
Description: 
 xnest      - Nested X server
 xserver-xephyr - nested X server
 xserver-xorg-core - Xorg X server - core server
 xserver-xorg-core-dbg - Xorg - the X.Org X server (debugging symbols)
 xserver-xorg-dev - Xorg X server - development files
 xvfb       - Virtual Framebuffer 'fake' X server
Changes: 
 xorg-server (2:1.4.1~git20080105-1ubuntu2) hardy; urgency=low
 .
   * Added security patches:
     - 145_cve_2007_5760_out_of_bounds.patch:  Verify screen index is
       within the index bounds of xf86Screens[].
     - 146_cve_2007_6427_xinput_extension_memory_corruption.patch:  Handle
       swapping of long integer pointers more carefully.
     - 147_cve_2007_6428_tog_cup_extension_memory_corruption.patch:  Verify
       screen index is within the bounds of the number of screens available.
     - 148_cve_2007_6429_mit_shm_and_evi_ext_integer_overflows.patch:  Count
       the number of visuals and check that the requested visual is within
       that limit, to prevent an overflow in REQUEST_FIXED_SIZE.  Improve
       checking of height/width values of pixmaps in SHM.
     - 149_cve_2008_0006_pcf_font_parser_buffer_overflow.patch:  Add checks
       of values for firstCol, lastCol, firstRow, and lastRow before
       allocating.
     - 150_fopen_privs_check.patch:  Switch from directly calling fopen()
       to Fopen(), which includes checks for privileges before calling
       open().
Files: 
 ff310a414a4218dbfa1124e31487e7c3 2554 x11 optional xorg-server_1.4.1~git20080105-1ubuntu2.dsc
 889d63f4bd5325be3fbf2fab315ec6f2 680135 x11 optional xorg-server_1.4.1~git20080105-1ubuntu2.diff.gz
Original-Maintainer: Debian X Strike Force <debian-x at lists.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHkAWTH/9LqRcGPm0RArOdAJ0bZzgN1uEZHIUMh17+zDAHOkJU1QCeNq+U
OuLMWO+zRGIif1sY10E2jMg=
=5+0D
-----END PGP SIGNATURE-----

More information about the Hardy-changes mailing list