Bug 190777 - CVE-2006-1526 X.Org buffer overflow
Summary: CVE-2006-1526 X.Org buffer overflow
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora Legacy
Classification: Retired
Component: xorg-x11
Version: fc3
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Fedora Legacy Bugs
QA Contact:
URL:
Whiteboard: impact=important, LEGACY, 3
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-05-05 02:04 UTC by Marc Deslauriers
Modified: 2007-04-18 17:42 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-06-06 23:22:43 UTC
Embargoed:

Attachments (Terms of Use)
Proposed FLSA for xorg-x11 (12.24 KB, text/plain)
2006-06-05 09:53 UTC, David Eisenstein 		no flags Details
View All

Description Marc Deslauriers 2006-05-05 02:04:40 UTC 
+++ This bug was initially created as a clone of Bug #189801 +++

X.Org bugger overflow

Bart Massey, a X.Org user reported that "When running rendertest from
XCB xcb/xcb-demo, the Xorg X server crashes partway through.  100%
reproducible on a wide variety of graphics architectures".

The upstream bug for this issue can be found here:
https://bugs.freedesktop.org/show_bug.cgi?id=6642

The problem, analyzed by Eric Anholt is a typo in render/mitri.c,
which was incorrectly calculating the size of a buffer.

-- Additional comment from mjc on 2006-05-02 10:44 EST --
now public, removing embargo
http://lists.freedesktop.org/archives/xorg/2006-May/015136.html

-- Additional comment from bugzilla on 2006-05-04 07:42 EST --

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0451.html
Comment 1 Marc Deslauriers 2006-05-05 22:25:15 UTC 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here is an updated package to QA for FC3.

fa5d8ee56fc046f0d6a8f4663a0b0b4fa6cc307e  xorg-x11-6.8.2-1.FC3.45.3.legacy.src.rpm

Downloads:

http://www.infostrategique.com/linuxrpms/legacy/3/xorg-x11-6.8.2-1.FC3.45.3.legacy.src.rpm



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEW9MdLMAs/0C4zNoRAqLGAJ4mV8O6AEvRwCGVvommOTa3/T1TvQCfd+5h
drKPZAjbBhN1TwcC3hY32Tc=
=ZmeM
-----END PGP SIGNATURE-----
Comment 2 Pekka Savola 2006-05-06 06:20:26 UTC 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

QA w/ rpm-build-compare.sh:
 - source integrity good
 - spec file changes minimal
 - patch identical to RHEL4

+PUBLISH FC3

fa5d8ee56fc046f0d6a8f4663a0b0b4fa6cc307e  xorg-x11-6.8.2-1.FC3.45.3.legacy.src.rpm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFEXEG8GHbTkzxSL7QRAld/AKC3l1NzPX21F4e8TjAK4fLFZ1Mt5wCfcgd/
WQwS+TmytoKbU5KzaI5Q+xE=
=bAEx
-----END PGP SIGNATURE-----
Comment 3 Marc Deslauriers 2006-05-15 23:41:22 UTC 
These were pushed to updates-testing
Comment 4 Pekka Savola 2006-05-26 15:05:18 UTC 
Timeout in 2 weeks from being pushed to updates-testing.
Comment 5 Pekka Savola 2006-05-31 05:00:35 UTC 
Timeout over.
Comment 6 David Eisenstein 2006-06-05 09:53:54 UTC 
Created attachment 130485 [details]
Proposed FLSA for xorg-x11
Comment 7 Marc Deslauriers 2006-06-06 23:22:43 UTC 
Packages were released to updates.
Note You need to log in before you can comment on or make changes to this bug.