Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:23874
HistoryMay 17, 2010 - 12:00 a.m.

[ MDVSA-2010:095 ] libxext

2010-05-1700:00:00
vulners.com
7

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Mandriva Linux Security Advisory MDVSA-2010:095
http://www.mandriva.com/security/


Package : libxext
Date : May 12, 2010
Affected: 2008.0, 2009.0, 2009.1, 2010.0


Problem Description:

A vulnerability has been discovered and fixed in libxext:

There's a race condition in libXext that causes apps that use the X
shared memory extensions to occasionally crash.

Packages for 2008.0 and 2009.0 are provided due to the Extended
Maintenance Program for those products.

The corrected packages solves this problem.


References:

http://lists.freedesktop.org/archives/xcb/2009-October/005102.html
http://crbug.com/25324
http://cgit.freedesktop.org/xorg/lib/libXext/commit/?id=956fd30e1046e5779ac0b6c07ec4f0e87250869a


Updated Packages:

Mandriva Linux 2008.0:
ad8fd95b87fc8b9a6fb343c47db9506c 2008.0/i586/libxext6-1.0.3-1.1mdv2008.0.i586.rpm
f20b40d2eb46373e67f15687adff3db1 2008.0/i586/libxext6-devel-1.0.3-1.1mdv2008.0.i586.rpm
290699cbb64a52a25557d09bb41bf244 2008.0/i586/libxext6-static-devel-1.0.3-1.1mdv2008.0.i586.rpm
2b51d891924056f31602439a9fe678d5 2008.0/SRPMS/libxext-1.0.3-1.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
d53d3e82879543b33a207bdc557a0132 2008.0/x86_64/lib64xext6-1.0.3-1.1mdv2008.0.x86_64.rpm
8b8848e41fb2230efc2bd31f7949eab3 2008.0/x86_64/lib64xext6-devel-1.0.3-1.1mdv2008.0.x86_64.rpm
27fb66d245b0cbf720c69f46fe88c538 2008.0/x86_64/lib64xext6-static-devel-1.0.3-1.1mdv2008.0.x86_64.rpm
2b51d891924056f31602439a9fe678d5 2008.0/SRPMS/libxext-1.0.3-1.1mdv2008.0.src.rpm

Mandriva Linux 2009.0:
4e787ff5e464f9c5b49d9af191763bd6 2009.0/i586/libxext6-1.0.4-2.1mdv2009.0.i586.rpm
f3c193f8524069269db78a48015af7d3 2009.0/i586/libxext6-devel-1.0.4-2.1mdv2009.0.i586.rpm
9df3da9e5c5521e042c57ed09253893a 2009.0/i586/libxext6-static-devel-1.0.4-2.1mdv2009.0.i586.rpm
e9970b9bd08d5c9ecd662a85dd6c4371 2009.0/SRPMS/libxext-1.0.4-2.1mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
a23579189108c72f49cbe76a20971137 2009.0/x86_64/lib64xext6-1.0.4-2.1mdv2009.0.x86_64.rpm
77edbaa536b888f34dbbd1d8a88d9f19 2009.0/x86_64/lib64xext6-devel-1.0.4-2.1mdv2009.0.x86_64.rpm
8bb522eca226fa6309304c823b380650 2009.0/x86_64/lib64xext6-static-devel-1.0.4-2.1mdv2009.0.x86_64.rpm
e9970b9bd08d5c9ecd662a85dd6c4371 2009.0/SRPMS/libxext-1.0.4-2.1mdv2009.0.src.rpm

Mandriva Linux 2009.1:
9ff7e42573e3150a71422a4850075bc8 2009.1/i586/libxext6-1.0.5-2.1mdv2009.1.i586.rpm
39b8b9956410e9331420ae1151ec03e1 2009.1/i586/libxext6-devel-1.0.5-2.1mdv2009.1.i586.rpm
10ab96b84c8fbb4b3b4ac25cc4d2c3f8 2009.1/i586/libxext6-static-devel-1.0.5-2.1mdv2009.1.i586.rpm
0176ab4c8af885d79e681fede1065f46 2009.1/SRPMS/libxext-1.0.5-2.1mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
eeef3de59cb0f165da7743ad1308a211 2009.1/x86_64/lib64xext6-1.0.5-2.1mdv2009.1.x86_64.rpm
dbbb84959627b84f74b101ec8104c11c 2009.1/x86_64/lib64xext6-devel-1.0.5-2.1mdv2009.1.x86_64.rpm
7e7dabaf366ef5b8b4f3001f13a72ce6 2009.1/x86_64/lib64xext6-static-devel-1.0.5-2.1mdv2009.1.x86_64.rpm
0176ab4c8af885d79e681fede1065f46 2009.1/SRPMS/libxext-1.0.5-2.1mdv2009.1.src.rpm

Mandriva Linux 2010.0:
6e04840f5af1408570332de3398baa9e 2010.0/i586/libxext6-1.0.5-1.2mdv2010.0.i586.rpm
3481fee943a662442907d3e27895045f 2010.0/i586/libxext6-devel-1.0.5-1.2mdv2010.0.i586.rpm
0f3fae7db2f4193f18ee02acc825f6cd 2010.0/i586/libxext6-static-devel-1.0.5-1.2mdv2010.0.i586.rpm
4925a2ab4e28ce29c6a0dc91eb002325 2010.0/SRPMS/libxext-1.0.5-1.2mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
3829d3ce2d9489b2a5e4c20438e76e27 2010.0/x86_64/lib64xext6-1.0.5-1.2mdv2010.0.x86_64.rpm
8415205e2961c8826084c9151f2a0a1a 2010.0/x86_64/lib64xext6-devel-1.0.5-1.2mdv2010.0.x86_64.rpm
45444c657ff3007d2275417b33a591dc 2010.0/x86_64/lib64xext6-static-devel-1.0.5-1.2mdv2010.0.x86_64.rpm
4925a2ab4e28ce29c6a0dc91eb002325 2010.0/SRPMS/libxext-1.0.5-1.2mdv2010.0.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFL6xO5mqjQ0CJFipgRAuKgAJ9cTATrxceCPa5RdZF4QxrY02YS9QCgzbQf
LR9v7AgXgqOfgQFxWwwW77k=
=6boW
-----END PGP SIGNATURE-----