Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » SUSE-2014:10108

Overview

Id SUSE-2014:10108
Name Novell SUSE 2014:10108 xorg-x11-Xvnc security update for SLE 11 SP3 x86_64
Vendor Name novell
Product Novell
Content Type Critical - 01 Critical - 01
Language(s)
Operating System(s) Linux 
Released On 17 Dec 2014 12:00:00

SUSE-2014:10108

Novell SUSE 2014:10108 xorg-x11-Xvnc security update for SLE 11 SP3 x86_64

Vendor Name

novell

Product

Novell

Released On

17 Dec 2014 12:00:00

Url

http://www.novell.com/support

Description

LSAC(v2)
The XOrg X11 server was updated to fix 12 security issues: * Denial of service due to unchecked malloc in client authentication (CVE-2014-8091). * Integer overflows calculating memory needs for requests (CVE-2014-8092). * Integer overflows calculating memory needs for requests in GLX extension (CVE-2014-8093). * Integer overflows calculating memory needs for requests in DRI2 extension (CVE-2014-8094). * Out of bounds access due to not validating length or offset values in requests in XInput extension (CVE-2014-8095). * Out of bounds access due to not validating length or offset values in requests in XC-MISC extension (CVE-2014-8096). * Out of bounds access due to not validating length or offset values in requests in DBE extension (CVE-2014-8097). * Out of bounds access due to not validating length or offset values in requests in GLX extension (CVE-2014-8098). * Out of bounds access due to not validating length or offset values in requests in XVideo extension (CVE-2014-8099). * Out of bounds access due to not validating length or offset values in requests in Render extension (CVE-2014-8100). * Out of bounds access due to not validating length or offset values in requests in RandR extension (CVE-2014-8101). * Out of bounds access due to not validating length or offset values in requests in XFixes extension (CVE-2014-8102). Additionally, these non-security issues were fixed: * Fix crash in RENDER protocol, PanoramiX wrappers (bnc#864911). * Some formats used for pictures did not work with the chosen framebuffer format (bnc#886213). Security Issues: * CVE-2014-8091 * CVE-2014-8092 * CVE-2014-8093 * CVE-2014-8094 * CVE-2014-8095 * CVE-2014-8096 * CVE-2014-8097 * CVE-2014-8098 * CVE-2014-8099 * CVE-2014-8100 * CVE-2014-8101 * CVE-2014-8102

Related Resources

Related Vulnerabilities

None

Related Patches

Superseded Patches


Last Updated: 27 May 2016 11:20:32