version 1.11, 2007/10/11 15:07:22 |
version 1.12, 2008/02/08 06:35:03 |
|
|
|
|
<ul> |
<ul> |
|
|
|
<li><a name="012_xorg"></a> |
|
<font color="#009000"><strong>012: SECURITY FIX: February 8, 2008</strong></font> <i>All architectures</i><br> |
|
Multiple vulnerabilities have been discovered in X.Org.<br> |
|
XFree86 Misc extension out of bounds array index, |
|
File existence disclosure, |
|
Xinput extension memory corruption, |
|
TOG-cup extension memory corruption, |
|
MIT-SHM and EVI extensions integer overflows, |
|
PCF Font parser buffer overflow. |
|
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760">CVE-2007-5760</a>, |
|
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958">CVE-2007-5958</a>, |
|
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427">CVE-2007-6427</a>, |
|
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428">CVE-2007-6428</a>, |
|
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429">CVE-2007-6429</a>, |
|
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006">CVE-2008-0006</a>. |
|
<br> |
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/012_xorg.patch"> |
|
A source code patch exists which remedies this problem</a>.<br> |
|
<p> |
|
|
<li><a name="011_openssl"></a> |
<li><a name="011_openssl"></a> |
<font color="#009000"><strong>011: SECURITY FIX: October 10, 2007</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>011: SECURITY FIX: October 10, 2007</strong></font> <i>All architectures</i><br> |
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.<br> |
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow. |
<br> |
<br> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/011_openssl.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/011_openssl.patch"> |
A source code patch exists which remedies this problem</a>.<br> |
A source code patch exists which remedies this problem</a>.<br> |