USN-403-1: X.org vulnerabilities

09 January 2007

X.org vulnerabilities

Releases

Details

The DBE and Render extensions in X.org were vulnerable to integer
overflows, which could lead to memory overwrites. An authenticated user
could make a specially crafted request and execute arbitrary code with
root privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 6.10
  • xserver-xorg-core - 1:1.1.1-0ubuntu12.1
Ubuntu 6.06
  • xserver-xorg-core - 1:1.0.2-0ubuntu10.5
Ubuntu 5.10
  • xserver-xorg-core - 6.8.2-77.2

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.