~ubuntu-branches/ubuntu/natty/xorg-server/natty-security

Viewing all changes in revision 216.

  • Committer: Bazaar Package Importer
  • Author(s): Marc Deslauriers
  • Date: 2011-10-13 11:03:44 UTC
  • mfrom: (215.1.2 natty-proposed)
  • Revision ID: james.westby@ubuntu.com-20111013110344-iexo0cjrj3m0w9l8
Tags: 2:1.10.1-1ubuntu1.3
* SECURITY UPDATE: file existence disclosure
  - debian/patches/505_CVE-2011-4028.patch: open lockfile with O_NOFOLLOW
    in os/utils.c.
  - CVE-2011-4028
* SECURITY UPDATE: privilege escalation via file permission change
  - debian/patches/506_CVE-2011-4029.patch: use fchmod to prevent race
    in os/utils.c.
  - CVE-2011-4029

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: