Updated x11-server packages fix security vulnerabilities & bugs
Publication date: 06 Nov 2017Modification date: 06 Nov 2017
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-12176 , CVE-2017-12177 , CVE-2017-12178 , CVE-2017-12179 , CVE-2017-12180 , CVE-2017-12181 , CVE-2017-12182 , CVE-2017-12183 , CVE-2017-12184 , CVE-2017-12185 , CVE-2017-12186 , CVE-2017-12187
Description
The upstream 1.19.4 update we pushed as:
http://advisories.mageia.org/MGASA-2017-0366.html
introduced a regression in PRIME syncronization.
Upstream released a 1.19.5 that fixes that and a lot of security fixes:
CVE-2017-12176 to CVE-2017-12187
Also added a fix for "XShmGetImage: fix censoring" that is described as:
"Visually this fixes chromium/firefox window sharing in multiscreen
configurations - without this patch most of the windows on 'secondary'
screens are black."
This also should fix https://bugs.freedesktop.org/show_bug.cgi?id=101730.
References
- https://bugs.mageia.org/show_bug.cgi?id=21848
- https://bugs.freedesktop.org/show_bug.cgi?id=101730
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7PTJE7ZFQ6WA3TNLKJYRT5SI74CWC3ID/
- https://www.debian.org/security/2017/dsa-4000
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12176
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12177
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12178
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12179
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12180
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12181
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12182
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12183
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12184
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12185
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12186
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12187
SRPMS
6/core
- x11-server-1.19.5-1.1.mga6