First Last Prev Next    This bug is not in your last search results.
Bug 1063038 - (CVE-2017-12179) VUL-0: CVE-2017-12179: xorg-x11-server: Xi: integer overflow and unvalidated length in (S)ProcXIBarrierReleasePointer
(CVE-2017-12179)
VUL-0: CVE-2017-12179: xorg-x11-server: Xi: integer overflow and unvalidated ...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
CVSSv2:SUSE:CVE-2017-12179:4.6:(AV:N/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-10-12 14:26 UTC by Johannes Segitz
Modified: 2018-05-25 22:43 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Upstream patch (1.78 KB, patch)
2017-10-12 14:26 UTC, Johannes Segitz 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2017-10-12 14:26:10 UTC 
Created attachment 744112 [details]
Upstream patch

CVE-2017-12179: Xi: integer overflow and unvalidated length in (S)ProcXIBarrierReleasePointer

Details are in https://cgit.freedesktop.org/xorg/xserver/
Comment 1 Bernhard Wiedemann 2017-10-16 12:01:45 UTC 
This is an autogenerated message for OBS integration:
This bug (1063038) was mentioned in
https://build.opensuse.org/request/show/534191 42.2+42.3 / xorg-x11-server
Comment 3 Stefan Dirsch 2017-10-16 15:24:44 UTC 
sle10-sp4: SR#143999
TW is considered done by the update to xorg-server 1.19.5
Comment 4 Stefan Dirsch 2017-10-16 15:28:08 UTC 
Security update done. Reassigning to security team for tracking.
Comment 7 Swamp Workflow Management 2017-10-18 14:51:02 UTC 
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2017-11-01.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/63886
Comment 9 Swamp Workflow Management 2017-10-20 22:16:58 UTC 
openSUSE-SU-2017:2823-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1063034,1063035,1063037,1063038,1063039,1063040,1063041
CVE References: CVE-2017-12176,CVE-2017-12177,CVE-2017-12178,CVE-2017-12179,CVE-2017-12180,CVE-2017-12181,CVE-2017-12182,CVE-2017-12183,CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187
Sources used:
openSUSE Leap 42.3 (src):    xorg-x11-server-7.6_1.18.3-28.1
openSUSE Leap 42.2 (src):    xorg-x11-server-7.6_1.18.3-12.26.1
Comment 10 Swamp Workflow Management 2017-11-16 17:10:11 UTC 
SUSE-SU-2017:3025-1: An update that fixes 13 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1025084,1051150,1063034,1063035,1063037,1063038,1063039,1063040,1063041
CVE References: CVE-2017-12176,CVE-2017-12177,CVE-2017-12178,CVE-2017-12179,CVE-2017-12180,CVE-2017-12181,CVE-2017-12182,CVE-2017-12183,CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187,CVE-2017-13723
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    xorg-x11-server-7.4-27.122.16.1
SUSE Linux Enterprise Server 11-SP4 (src):    xorg-x11-server-7.4-27.122.16.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    xorg-x11-server-7.4-27.122.16.1
Comment 11 Swamp Workflow Management 2017-11-22 20:10:58 UTC 
SUSE-SU-2017:3047-1: An update that fixes 14 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1022727,1051150,1052984,1061107,1063034,1063035,1063037,1063038,1063039,1063040,1063041
CVE References: CVE-2017-12176,CVE-2017-12177,CVE-2017-12178,CVE-2017-12179,CVE-2017-12180,CVE-2017-12181,CVE-2017-12182,CVE-2017-12183,CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187,CVE-2017-13721,CVE-2017-13723
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    xorg-x11-server-7.6_1.18.3-76.15.2
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    xorg-x11-server-7.6_1.18.3-76.15.2
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    xorg-x11-server-7.6_1.18.3-76.15.2
SUSE Linux Enterprise Server 12-SP3 (src):    xorg-x11-server-7.6_1.18.3-76.15.2
SUSE Linux Enterprise Server 12-SP2 (src):    xorg-x11-server-7.6_1.18.3-76.15.2
SUSE Linux Enterprise Desktop 12-SP3 (src):    xorg-x11-server-7.6_1.18.3-76.15.2
SUSE Linux Enterprise Desktop 12-SP2 (src):    xorg-x11-server-7.6_1.18.3-76.15.2
Comment 12 Marcus Meissner 2017-12-27 20:14:15 UTC 
released
First Last Prev Next    This bug is not in your last search results.