-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 07 Jan 2008 13:14:19 +0100 Source: xorg-server Binary: xserver-xephyr xserver-xorg-core xvfb xdmx xserver-xorg-dev xdmx-tools xnest Architecture: source i386 Version: 2:1.1.1-21etch2 Distribution: stable-security Urgency: high Maintainer: Debian X Strike Force <debian-x@lists.debian.org> Changed-By: Julien Cristau <jcristau@debian.org> Description: xdmx - Distributed Multihead X server xdmx-tools - Distributed Multihead X tools xnest - Nested X server xserver-xephyr - Next Generation Nested X Server xserver-xorg-core - X.Org X server -- core server xserver-xorg-dev - X.Org X server -- development files xvfb - Virtual Framebuffer 'fake' X server Changes: xorg-server (2:1.1.1-21etch2) stable-security; urgency=high . * Security update, fixes the following vulnerabilities: + CVE-2007-6427: XInput Extension Memory Corruption (fd.o bug#13522) + CVE-2007-6428: TOG-CUP Extension Memory Corruption (fd.o bug#13523) + CVE-2007-6429: EVI Extension Integer Overflow (fd.o bug#13519), MIT-SHM Extension Integer Overflow (fd.o bug#13520) + CVE-2007-5760: XFree86-Misc Extension Invalid Array Index (fd.o bug#13524) + PCF font parser buffer overflow (fd.o bug#13526) + CVE-2007-5958: file existence disclosure (fd.o bug#13706) Files: 566946e373c426de34a9b05bd1c18828 1989 x11 optional xorg-server_1.1.1-21etch2.dsc e2eab18228db61351cb0feef9a79a067 627248 x11 optional xorg-server_1.1.1-21etch2.diff.gz 313ffde7ac007a0fe8dfd4ff613a2f76 3654528 x11 optional xserver-xorg-core_1.1.1-21etch2_i386.deb 08b8fdcf2475a9076a69248576f2ac3f 345240 x11 optional xserver-xorg-dev_1.1.1-21etch2_i386.deb 0c85e4a0731973a6b4a0890d9d6fb20e 808000 x11 optional xdmx_1.1.1-21etch2_i386.deb 50f2040d957afb312f18667287c0f761 121516 x11 optional xdmx-tools_1.1.1-21etch2_i386.deb 49a8c26e7ed61d537ca990391e1b3441 1388236 x11 optional xnest_1.1.1-21etch2_i386.deb 23c89dfb2a4eaba3d7b618de16f38f4f 1537730 x11 optional xvfb_1.1.1-21etch2_i386.deb 52350d64f834c793af7627734a45999c 1563094 x11 optional xserver-xephyr_1.1.1-21etch2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHgidxmEvTgKxfcAwRAi7JAJ4gVSp4jCzOlwo3Arv93feSIA/DUACgg+GW q+VCMNfRsxaIsmG/0PhnQkg= =PRCJ -----END PGP SIGNATURE----- Accepted: xdmx-tools_1.1.1-21etch2_i386.deb to pool/main/x/xorg-server/xdmx-tools_1.1.1-21etch2_i386.deb xdmx_1.1.1-21etch2_i386.deb to pool/main/x/xorg-server/xdmx_1.1.1-21etch2_i386.deb xnest_1.1.1-21etch2_i386.deb to pool/main/x/xorg-server/xnest_1.1.1-21etch2_i386.deb xorg-server_1.1.1-21etch2.diff.gz to pool/main/x/xorg-server/xorg-server_1.1.1-21etch2.diff.gz xorg-server_1.1.1-21etch2.dsc to pool/main/x/xorg-server/xorg-server_1.1.1-21etch2.dsc xserver-xephyr_1.1.1-21etch2_i386.deb to pool/main/x/xorg-server/xserver-xephyr_1.1.1-21etch2_i386.deb xserver-xorg-core_1.1.1-21etch2_i386.deb to pool/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch2_i386.deb xserver-xorg-dev_1.1.1-21etch2_i386.deb to pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch2_i386.deb xvfb_1.1.1-21etch2_i386.deb to pool/main/x/xorg-server/xvfb_1.1.1-21etch2_i386.deb