Slackware64-13.37 ChangeLog (2017-08-15)

Tue Aug 15 22:16:12 UTC 2017

  • patches/packages/xorg-server-1.9.5-x86_64-4_slack13.37.txz
    This update fixes two security issues:
    A user authenticated to an X Session could crash or execute code in the
    context of the X Server by exploiting a stack overflow in the endianness
    conversion of X Events.
    Uninitialized data in endianness conversion in the XEvent handling of the
    X.Org X Server allowed authenticated malicious users to access potentially
    privileged data from the X server.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10971
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10972
    (* Security fix *)
  • patches/packages/xorg-server-xephyr-1.9.5-x86_64-4_slack13.37.txz
  • patches/packages/xorg-server-xnest-1.9.5-x86_64-4_slack13.37.txz
  • patches/packages/xorg-server-xvfb-1.9.5-x86_64-4_slack13.37.txz
  • news/2017/08/15/slackware64-13.37-changelog.txt
  • Last modified: 3 years ago
  • by Giuseppe Di Terlizzi