diff options
| author | kwm <kwm@FreeBSD.org> | 2017-10-10 03:29:14 +0800 |
|---|---|---|
| committer | kwm <kwm@FreeBSD.org> | 2017-10-10 03:29:14 +0800 |
| commit | 339aa42c0357a05b713913c6f2d85742b2a225cd (patch) | |
| tree | 620a9fed0fce2163103cf3a2fa941c196eada276 /security/vuxml/vuln.xml | |
| parent | dce31ca1e6d1e480aece69963a12ffd62a120af9 (diff) | |
| download | freebsd-ports-gnome-339aa42c0357a05b713913c6f2d85742b2a225cd.tar.gz freebsd-ports-gnome-339aa42c0357a05b713913c6f2d85742b2a225cd.tar.zst freebsd-ports-gnome-339aa42c0357a05b713913c6f2d85742b2a225cd.zip | |
Document two xorg-server vulnabilities.
Security: CVE-2017-13721, CVE-2017-13723
Diffstat (limited to 'security/vuxml/vuln.xml')
| -rw-r--r-- | security/vuxml/vuln.xml | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index b9d370abb6b1..71f71083bcfc 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,56 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="4f8ffb9c-f388-4fbd-b90f-b3131559d888"> + <topic>xorg-server -- multiple vulnabilities</topic> + <affects> + <package> + <name>xephyr</name> + <range><lt>1.18.4_4,1</lt></range> + </package> + <package> + <name>xorg-dmx</name> + <range><lt>1.18.4_4,1</lt></range> + </package> + <package> + <name>xorg-nestserver</name> + <range><lt>1.19.1_1,2</lt></range> + </package> + <package> + <name>xorg-server</name> + <range><lt>1.18.4_4,1</lt></range> + </package> + <package> + <name>xorg-vfbserver</name> + <range><lt>1.19.1_1,1</lt></range> + </package> + <package> + <name>xwayland</name> + <range><lt>1.19.1_1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>SO-AND-SO reports:</p> + <blockquote cite="https://lists.x.org/archives/xorg-announce/2017-October/002809.html"> + <p>X.Org thanks Michal Srb of SuSE for finding these issues + and bringing them to our attention, Julien Cristau of + Debian for getting the fixes integrated, and Adam Jackson + of Red Hat for publishing the release.</p> + </blockquote> + </body> + </description> + <references> + <url>https://lists.x.org/archives/xorg-announce/2017-October/002809.html</url> + <cvename>CVE-2017-13721</cvename> + <cvename>CVE-2017-13723</cvename> + </references> + <dates> + <discovery>2017-10-04</discovery> + <entry>2017-10-09</entry> + </dates> + </vuln> + <vuln vid="c0dae634-4820-4505-850d-b1c975d0f67d"> <topic>tomcat -- Remote Code Execution</topic> <affects> |