ubuntu-x-swat team mailing list archive

Thread
Date

[Bug 551193] Re: typo in mod() macro leads to 3rd-party controllable Xorg crash/exploit

To: ubuntu-x-swat@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <551193@xxxxxxxxxxxxxxxxxx>
Date: Tue, 18 May 2010 21:04:21 -0000
Reply-to: Bug 551193 <551193@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package xorg-server - 2:1.6.4-2ubuntu4.3

---------------
xorg-server (2:1.6.4-2ubuntu4.3) karmic-security; urgency=low

  * SECURITY UPDATE: incorrect mod() macro could result in crashes
    caused by remote attackers (LP: #551193).
    - Added debian/patches/300_xaa-fbcomposite-fix-negative-size.patch
    - CVE-2010-1166
 -- Kees Cook <kees@xxxxxxxxxx>   Thu, 06 May 2010 13:16:02 -0700

** Changed in: xorg-server (Ubuntu Karmic)
       Status: New => Fix Released

** Changed in: xorg-server (Ubuntu Jaunty)
       Status: New => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1573

-- 
typo in mod() macro leads to 3rd-party controllable Xorg crash/exploit
https://bugs.launchpad.net/bugs/551193
You received this bug notification because you are a member of Ubuntu-X,
which is subscribed to xorg-server in ubuntu.

References

[Bug 551193] [NEW] typo in mod() macro leads to 3rd-party controllable Xorg crash/exploit
From: Kees Cook, 2010-03-29