Recent vulnerabilities in xorg-server

Eygene Ryabinkin rea-fbsd at codelabs.ru
Tue Jan 16 08:29:34 UTC 2007


Gentlemen!

May I remind you about the Xorg issues. Or have you already identified
them as false positives? I can not see the vulnerability in
http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/vuxml/vuln.xml?rev=.
so I assume that it was either considered false or not yet processed.

Thanks!

Thu, Jan 11, 2007 at 10:56:16AM +0300, Eygene Ryabinkin wrote:
> Remko, good day!
> 
> > 	    Thanks for the notification! We are kinda busy at the
> > 	    moment, so if you could spare a minute and write a
> > 	    VuXML entry (a draft would also suffice), we can
> > 	    more easily add it. If you are unable to do so, no
> > 	    probs, but it is likely to take a bit longer to
> > 	    get the things incorporated.
> Attached. The discovery date is given by the date of the
> original posts in Securityfocus bugtraq list:
> http://www.securityfocus.com/archive/1/456437/30/0/threaded
> http://www.securityfocus.com/archive/1/456434/30/0/threaded
> http://www.securityfocus.com/archive/1/456434/30/0/threaded
> 
> The disclosure timeline is different (the same for all three posts):
> -----
> VIII. DISCLOSURE TIMELINE
> 
> 12/04/2006 Initial vendor notification
> 12/05/2006 Initial vendor response
> 01/09/2007 Coordinated public disclosure
> -----
> 
> > 	    Thanks for using FreeBSD and your willingness to improve
> > 	    the product! It is being appreciated.
> You're welcome ;))
> -- 
> Eygene

>   <vuln vid="yet-unknown">
>     <topic>xorg-server -- multiple vulnerabilities.</topic>
>     <affects>
>       <package>
>         <name>xorg-server</name>
>         <range><le>6.9.0_5</le></range>
>       </package>
>     </affects>
>     <description>
>       <body xmlns="http://www.w3.org/1999/xhtml">
>         <blockquote cite="http://xorg.freedesktop.org/releases/X11R6.9.0/patches/index.html">
>         <h1>x11r6.9.0-dbe-render.diff</h1>
>         <p>CVE-2006-6101 CVE-2006-6102 CVE-2006-6103: The
>         ProcDbeGetVisualInfo(), ProcDbeSwapBuffer() and
>         ProcRenderAddGlyphs() functions in the X server, implementing
>         requests for the dbe and render extensions, may be used to
>         overwrite data on the stack or in other parts of the X
>         server memory.</p>
>         <h1>x11r6.9.0-cidfonts.diff</h1>
>         <p>CVE-2006-3739 and CVE-2006-3740: It may be possible
>         for a user with the ability to set the X server font path,
>         by making it point to a malicious font, to cause arbitrary
>         code execution or denial of service on the X server.</p>
>         </blockquote>
>       </body>
>     </description>
>     <references>
>       <freebsdpr>ports/107733</freebsdpr>
>       <cvename>CVE-2006-3739</cvename>
>       <cvename>CVE-2006-3740</cvename>
>       <cvename>CVE-2006-6101</cvename>
>       <cvename>CVE-2006-6102</cvename>
>       <cvename>CVE-2006-6103</cvename>
>       <url>http://xorg.freedesktop.org/releases/X11R6.9.0/patches/index.html</url>
>     </references>
>     <dates>
>       <discovery>2007-01-09</discovery>
>       <entry>2007-01-11</entry>
>     </dates>
>   </vuln>
-- 
Eygene
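A check of the draft entry's `<range><le>6.9.0_5</le></range>` against an installed package version, as an added example that is not part of the post or of the VuXML tooling. The XML excerpt is constructed from the quoted entry, and the version comparison is a simplified approximation of the pkg_version(1) rules (dotted numbers, `_PORTREVISION`, `,PORTEPOCH`), not the real implementation.

```python
"""Match a FreeBSD package version against a VuXML <range> element.
Added example: the comparator below is a simplified reimplementation
of pkg_version(1) ordering, not the port tools' own code."""
import re
import xml.etree.ElementTree as ET

# Constructed excerpt of the quoted draft entry (description omitted).
VUXML = """<vuln vid="yet-unknown">
  <topic>xorg-server -- multiple vulnerabilities.</topic>
  <affects><package><name>xorg-server</name>
    <range><le>6.9.0_5</le></range></package></affects>
</vuln>"""

def parse_version(v):
    """Split '6.9.0_5,1' into (epoch, [6, 9, 0], revision)."""
    epoch = 0
    if "," in v:                     # ,N is PORTEPOCH, compared first
        v, e = v.rsplit(",", 1)
        epoch = int(e)
    rev = 0
    if "_" in v:                     # _N is PORTREVISION, compared last
        v, r = v.rsplit("_", 1)
        rev = int(r)
    nums = [int(x) for x in re.findall(r"\d+", v)]
    return (epoch, nums, rev)

def version_cmp(a, b):
    """Return -1, 0 or 1 as a is older than, equal to, or newer than b."""
    ea, na, ra = parse_version(a)
    eb, nb, rb = parse_version(b)
    width = max(len(na), len(nb))    # so 6.9 and 6.9.0 compare equal
    na += [0] * (width - len(na))
    nb += [0] * (width - len(nb))
    ka, kb = (ea, na, ra), (eb, nb, rb)
    return (ka > kb) - (ka < kb)

OPS = {"lt": lambda c: c < 0, "le": lambda c: c <= 0,
       "gt": lambda c: c > 0, "ge": lambda c: c >= 0, "eq": lambda c: c == 0}

def affected(vuxml, pkgname, version):
    """True if pkgname-version lies in any <range> of a matching <package>."""
    root = ET.fromstring(vuxml)
    for pkg in root.iter("package"):
        if pkgname not in [n.text for n in pkg.findall("name")]:
            continue
        for rng in pkg.findall("range"):
            # Every bound inside one <range> must hold (e.g. <ge>..<lt>).
            if all(OPS[b.tag](version_cmp(version, b.text)) for b in rng):
                return True
    return False
```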

