diff options
| author | AlanCoopersmith <AlanCoopersmith@web> | 2024-04-12 23:00:31 +0200 |
|---|---|---|
| committer | IkiWiki <ikiwiki.info> | 2024-04-12 23:00:31 +0200 |
| commit | 05badf7266165beb05009c3798f2736f3bae441f (patch) | |
| tree | 13c3ec459447436264919b51a68d164e4af4fcce | |
| parent | 63a7e05edc0394b8594fb45169d1ec77071665c4 (diff) | |
Fix X11R7.3 patch links
| -rw-r--r-- | Development/Security.mdwn | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/Development/Security.mdwn b/Development/Security.mdwn index fd930b35..f245c039 100644 --- a/Development/Security.mdwn +++ b/Development/Security.mdwn @@ -2,7 +2,7 @@ This page details security issues that have been found in X.Org, and their remedies. -Please contact the [[X.Org security team|Development/Security/Organization]] at [[xorg-security@lists.x.org|mailto:xorg-security%40lists.x.org]] to report security issues in the X.Org codebase. +Please contact the [[X.Org security team|Development/Security/Organization]] at [[xorg-security@lists.x.oftrg|mailto:xorg-security%40lists.x.org]] to report security issues in the X.Org codebase. While the advisories are listed below by the most recent release they affect, most affect older releases as well, in many cases going back to the introduction of the affected functionality. @@ -182,7 +182,7 @@ Please see [[the advisory|Development/Security/Advisory-2013-05-23]] for more in ## X.Org 7.3 -* Jun 11, 2008 - CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362: Several vulnerabilities have been found in the server-side code of some extensions in the X Window System. Improper validation of client-provided data can cause data corruption. Please see [[the advisory|http://lists.freedesktop.org/archives/xorg-announce/2008-June/000578.html]] for more information. Patches are available: [[CVE-2008-1377|ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1377.diff]] [[CVE-2008-1379|ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1379.diff]] [[CVE-2008-2360|ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2360.diff]] [[CVE-2008-2361|ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2361.diff]] [[CVE-2008-2362|ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff]] +* Jun 11, 2008 - CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362: Several vulnerabilities have been found in the server-side code of some extensions in the X Window System. Improper validation of client-provided data can cause data corruption. Please see [[the advisory|http://lists.freedesktop.org/archives/xorg-announce/2008-June/000578.html]] for more information. Patches are available: [[CVE-2008-1377|https://www.x.org/releases/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1377.diff]] [[CVE-2008-1379|https://www.x.org/releases/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1379.diff]] [[CVE-2008-2360|https://www.x.org/releases/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2360.diff]] [[CVE-2008-2361|https://www.x.org/releases/X11R7.3/patches/patches/xorg-xserver-1.4-cve-2008-2361.diff]] [[CVE-2008-2362|https://www.x.org/releases/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff]] * Jan 17, 2008 - CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006: Several vulnerabilities have been identified in server code of the X window system caused by lack of proper input validation on user controlled data in various parts of the software, causing various kinds of overflows. Please see [[the advisory|http://lists.freedesktop.org/archives/xorg-announce/2008-January/000441.html]] for more information. Patches are available for [[X11R7.2|Releases/7.2]]: [[libXfont 1.2.7|http://xorg.freedesktop.org/archive/X11R7.2/patches/xorg-libXfont-1.2.7-pcf-parser.diff]] and [[xserver 1.2|http://xorg.freedesktop.org/archive/X11R7.2/patches/xorg-xserver-1.2-multiple-overflows.diff]] as well as for [[X11R7.3|Releases/7.3]]: [[libXfont 1.3.1|http://xorg.freedesktop.org/archive/X11R7.3/patches/xorg-libXfont-1.3.1-pcf-parser.diff]] and [[xserver 1.4|http://xorg.freedesktop.org/archive/X11R7.3/patches/xorg-xserver-1.4-multiple-overflows.diff]]. * **Update** Jan 21, 2008 - The patch for the MIT-SHM vulnerability (CVE-2007-6429) introduced a regression for applications that allocate pixmaps with a less than 8 bits depth. New patches are available for [[xserver 1.2|http://xorg.freedesktop.org/archive/X11R7.2/patches/xorg-xserver-1.2-multiple-overflows-v2.diff]] and [[xserver 1.4|http://xorg.freedesktop.org/archive/X11R7.3/patches/xorg-xserver-1.4-multiple-overflows-v2.diff]]. * MD5: `8e3f74c2cabddd3d629018924140e413` [[xorg-xserver-1.2-multiple-overflows-v2.diff|http://xorg.freedesktop.org/archive/X11R7.2/patches/xorg-xserver-1.2-multiple-overflows-v2.diff]] |