This bug was fixed in the package xorg-server -
2:1.4.1~git20080131-1ubuntu9.3
---------------
xorg-server (2:1.4.1~git20080131-1ubuntu9.3) hardy-security; urgency=low
* SECURITY UPDATE: incorrect mod() macro could result in crashes
caused by remote attackers (LP: #551193).
- Added debian/patches/xaa-fbcomposite-fix-negative-size.patch
- CVE-2010-1166
* SECURITY UPDATE: xvfb MCOOKIE value could be hijacked due to
visiblity on the command-line,
- Updated debian/local/xvfb-run from Debian upstream:
http://git.debian.org/?p=pkg-xorg/xserver/xorg-server.git;a=commitdiff;h=ecf09e571198ee16256a5efd1c23fd286a4f2249;hp=cbccf51785b500f51dc974ed05f5512181d4c51f
- CVE-2009-1573
-- Kees Cook <[email protected]> Thu, 06 May 2010 13:26:51 -0700
--
typo in mod() macro leads to 3rd-party controllable Xorg crash/exploit
https://bugs.launchpad.net/bugs/551193
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
