[SECURITY] Fedora 18 Update: xorg-x11-server-1.13.3-3.fc18
updates at fedoraproject.org
updates at fedoraproject.org
Sat Apr 20 01:17:41 UTC 2013
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-5928
2013-04-18 01:30:24
--------------------------------------------------------------------------------
Name : xorg-x11-server
Product : Fedora 18
Version : 1.13.3
Release : 3.fc18
URL : http://www.x.org
Summary : X.Org X11 X server
Description :
X.Org X11 X server
--------------------------------------------------------------------------------
Update Information:
Fix input buffer size to flush evdev events before enabling a device (CVE-2013-1940)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 17 2013 Peter Hutterer <peter.hutterer at redhat.com> 1.13.3-3
- CVE-2013-1940: Fix xf86FlushInput() to drain evdev events
(#950438, #952949)
* Fri Mar 22 2013 Dan HorĂ¡k <dan at danny.cz> 1.13.3-2
- libunwind is exists only on selected arches
* Sat Mar 9 2013 Peter Hutterer <peter.hutterer at redhat.com> 1.13.3-1
- server 1.13.3
* Tue Mar 5 2013 Peter Hutterer <peter.hutterer at redhat.com> 1.13.2.902-2
- use libunwind for backtraces
* Mon Mar 4 2013 Peter Hutterer <peter.hutterer at redhat.com> 1.13.2.902-1
- server 1.13.3RC2
* Thu Feb 14 2013 Peter Hutterer <peter.hutterer at redhat.com> 1.13.2-4
- Fix scrolling for Evoluent Vertical Mouse 3 (#612140#c20)
* Thu Feb 7 2013 Dave Airlie <airlied at redhat.com> 1.13.2-3
- fix crash from event send patch with vesa + usb
* Sat Jan 26 2013 Peter Hutterer <peter.hutterer at redhat.com> 1.13.2-2
- Fix differing sizeof XGCValues in xdmxconfig (#903986)
* Sat Jan 26 2013 Peter Hutterer <peter.hutterer at redhat.com> 1.13.2-1
- server 1.13.2
* Fri Jan 25 2013 Peter Hutterer <peter.hutterer at redhat.com> 1.13.1-5
- Add quirk for Evoluent Vertical Mouse 3, button mapping is quirky
(#612140)
* Wed Jan 9 2013 Dave Airlie <airlied at redhat.com> 1.13.1-4
- fix bug on server shutdown + valgrind warnings (#891140)
* Tue Jan 8 2013 Dave Airlie <airlied at redhat.com> 1.13.1-3
- fixes for reverse optimus support
* Mon Jan 7 2013 Dave Airlie <airlied at redhat.com> 1.13.1-2
- fix bugs with autobinding output/offload slave from same driver
* Tue Dec 18 2012 Peter Hutterer <peter.hutterer at redhat.com> 1.13.1-1
- server 1.13.1
* Fri Dec 14 2012 Adam Jackson <ajax at redhat.com> 1.13.0-15
- Cherry-pick a fix for selection for TouchBegin from multiple clients
* Wed Dec 12 2012 Dave Airlie <airlied at redhat.com> 1.13.0-14
- add events for autoconfig of gpus devices, allow usb devices to notify gnome
* Wed Dec 12 2012 Dave Airlie <airlied at redhat.com> 1.13.0-13
- fix hotplug issue with usb devices and large screens
* Wed Dec 12 2012 Dave Airlie <airlied at redhat.com< 1.13.0-12
- backout non-pci configuration less patch, its breaks multi-GPU
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #950438 - CVE-2013-1940 xorg-x11-server: Information disclosure due enabling events from hot-plug devices despite input from the device being momentarily disabled
https://bugzilla.redhat.com/show_bug.cgi?id=950438
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update xorg-x11-server' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list