Bug 185084 - CVE-2006-0745 xorg-x11 privilege escalation
Summary: CVE-2006-0745 xorg-x11 privilege escalation
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: xorg-x11
Version: rawhide
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
Assignee: X/OpenGL Maintenance List
QA Contact: David Lawrence
URL:
Whiteboard: source=vendorsec,reported=20060310,em...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-03-10 14:35 UTC by Mark J. Cox
Modified: 2013-01-10 13:56 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-06-27 14:04:51 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Mark J. Cox 2006-03-10 14:35:20 UTC 
We were notified that Coverity scans of X.Org source code revealed an issue that
could be used by a local user to cause a DoS (remove/mess with root-owned files)
or privilege escalation.

This issue only affected code added after 6.8.2 was released and therefore does
not affect RHEL or FC4 (verified by code inspection)

STRICTLY EMBARGOED until April 6th 2006.  Suggest you do not make any commit
even to the embargoed branch until this time.

Note this issue will affect FC4 if you release any FC4 updates that increment
the version; I suggest holding off on any planned FC4 updates unless they are
keeping the same upstream 6.8.2 verison.
Comment 3 Mark J. Cox 2006-03-13 10:13:30 UTC 
We've asked if the embargo can be moved.  They're considering this and will let
us know by tommorrow.
Comment 13 Josh Bressers 2006-03-20 17:55:42 UTC 
Lifting embargo.
Comment 14 Mike A. Harris 2006-06-27 14:04:51 UTC 
This bug was fixed a long time ago in xorg-x11-server-1.0.1-9 and the
latest update is currently xorg-x11-server-1.0.1-9.fc5.1.1

Closing as "ERRATA"
Note You need to log in before you can comment on or make changes to this bug.