Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2013-1997

Published: 23 May 2013

Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.

Priority

Medium

Status

Package Release Status
libx11
Launchpad, Ubuntu, Debian 		lucid
Released (2:1.3.2-1ubuntu3.1)
precise
Released (2:1.4.99.1-0ubuntu2.1)
quantal
Released (2:1.5.0-1ubuntu0.1)
raring
Released (2:1.5.0-1ubuntu1.1)
upstream Pending
(1.5.99.902)
Patches:
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=cddc4e7e3cb4b9b7ad25f8591971a86901c249f2
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=f293659d5a4024bda386305bb7ebeb4647c40934
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=bff938b9fe1629cbacb726509edfa2a3840b7207
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=59ae16a00d18588e98af57d26e442af8ea42b7aa
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=fd7d4956bc7a1c4b5c38661b12777ebee4d685d9
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=00626c3830b869259098985afa38933d77ccec72
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=06c086e8a1d8374ea9a95ff989f053c96bb1bdca
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=e56a2ada719c5cfac5ed61a52a80ade86c0f5957
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=4d7c422a37eb9617fb22f8e37527c2b34b105665
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=2df882eeb3a70256170127a746a9ba26376599a1
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=de2e6c322c4aca22856b380f67f8e488e7510015
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=b9ba832401734e1cbd30a930c0d11d850293f3f9
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=0c404db6a92dc2c198328bf586c02d8abbe02013
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8d5936594993921acdfec778dd8f41b555e2543a
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=db1b1c871da29aa0545182bf888df81627f165a5
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=e1b457beb8d4e831ef44279dada6c475cb955738
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=a3bdd2b090915fe0163b062f0e6576fe05dd332e

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading