Slackware64-14.2 ChangeLog (2017-10-06)

Fri Oct 6 06:32:32 UTC 2017

  • patches/packages/xorg-server-1.18.3-x86_64-4_slack14.2.txz
    This update fixes two security issues:
    Xext/shm: Validate shmseg resource id, otherwise it can belong to a
    non-existing client and abort X server with FatalError “client not
    in use”, or overwrite existing segment of another existing client.
    Generating strings for XKB data used a single shared static buffer,
    which offered several opportunities for errors. Use a ring of
    resizable buffers instead, to avoid problems when strings end up
    longer than anticipated.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13721
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13723
    (* Security fix *)
  • patches/packages/xorg-server-xephyr-1.18.3-x86_64-4_slack14.2.txz
  • patches/packages/xorg-server-xnest-1.18.3-x86_64-4_slack14.2.txz
  • patches/packages/xorg-server-xvfb-1.18.3-x86_64-4_slack14.2.txz
  • news/2017/10/06/slackware64-14.2-changelog.txt
  • Last modified: 3 years ago
  • by Giuseppe Di Terlizzi