Package name
x11-server
Date
2013-04-10
Advisory ID
MDVSA-2013:139
Affected versions
MBS1 x86_64

Problem description

This fixes a format string vulnerability in the LogVHdrMessageVerb
function in os/log.c when handling input device names in X.Org X11
server (CVE-2012-2118).

MBS1 is not vulnerable to arbitrary code execution via this
vulnerability because of the compiler options that were used to build
it, but it can still cause a crash.

Updated packages

MBS1 x86_64

 00a312b53f5f738eb99136baa320b377  mbs1/x86_64/x11-server-1.11.4-12.1.mbs1.x86_64.rpm
 5d7904e06c3ac9f9a2ec7ffc17e08e84  mbs1/x86_64/x11-server-common-1.11.4-12.1.mbs1.x86_64.rpm
 0afd9ce4b40f61de739c6e044b18214d  mbs1/x86_64/x11-server-devel-1.11.4-12.1.mbs1.x86_64.rpm
 cd0740f1c1b38629c715d4928b5b073c  mbs1/x86_64/x11-server-source-1.11.4-12.1.mbs1.noarch.rpm
 f67e5502f5a3f539b63f3035b6d2bfeb  mbs1/x86_64/x11-server-xdmx-1.11.4-12.1.mbs1.x86_64.rpm
 0ade415fecb6b7025db51ca751713284  mbs1/x86_64/x11-server-xephyr-1.11.4-12.1.mbs1.x86_64.rpm
 e876de003069ff43554b5df2bb44a92c  mbs1/x86_64/x11-server-xfake-1.11.4-12.1.mbs1.x86_64.rpm
 a063fca83d52a911533a0e65507593c5  mbs1/x86_64/x11-server-xfbdev-1.11.4-12.1.mbs1.x86_64.rpm
 d77deac2203fab6cd1dcff00bee9c706  mbs1/x86_64/x11-server-xnest-1.11.4-12.1.mbs1.x86_64.rpm
 0d404052d4611a66228afadf3ce406c9  mbs1/x86_64/x11-server-xorg-1.11.4-12.1.mbs1.x86_64.rpm
 28d31da41ae4293f0565a25c385058bd  mbs1/x86_64/x11-server-xvfb-1.11.4-12.1.mbs1.x86_64.rpm 
 f2c9457f6009e3d0f1b6cf29b575128f  mbs1/SRPMS/x11-server-1.11.4-12.1.mbs1.src.rpm

References