-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.0 Source: xorg-server Binary: xserver-xorg-core, xserver-xorg-core-udeb, xserver-xorg-dev, xdmx, xdmx-tools, xnest, xvfb, xserver-xephyr, xserver-xorg-core-dbg, xserver-common, xorg-server-source, xwayland Architecture: any all Version: 2:1.16.2.901-1 Maintainer: Debian X Strike Force <[email protected]> Standards-Version: 3.9.2 Vcs-Browser: http://git.debian.org/?p=pkg-xorg/xserver/xorg-server.git Vcs-Git: git://git.debian.org/git/pkg-xorg/xserver/xorg-server Build-Depends: debhelper (>= 7), dpkg-dev (>= 1.16.1), quilt, lsb-release, pkg-config, bison, flex, automake, libtool, xutils-dev (>= 1:7.6+4), xfonts-utils (>= 1:7.5+1), x11proto-bigreqs-dev (>= 1:1.1.0), x11proto-composite-dev (>= 1:0.4), x11proto-core-dev (>= 7.0.26), x11proto-damage-dev (>= 1.1), x11proto-fixes-dev (>= 1:5.0), x11proto-fonts-dev (>= 2.1.3), x11proto-kb-dev (>= 1.0.3), x11proto-xinerama-dev, x11proto-randr-dev (>= 1.4.0), x11proto-record-dev (>= 1.13.99.1), x11proto-render-dev (>= 2:0.11), x11proto-resource-dev (>= 1.2.0), x11proto-scrnsaver-dev, x11proto-video-dev, x11proto-xcmisc-dev (>= 1.2.0), x11proto-xext-dev (>= 7.2.99.901), x11proto-xf86bigfont-dev (>= 1.2.0), x11proto-xf86dga-dev (>= 2.0.99.1), x11proto-xf86vidmode-dev (>= 2.2.99.1), x11proto-present-dev, x11proto-dri3-dev, xtrans-dev (>= 1.3.3), libxau-dev (>= 1:1.0.5-2), x11proto-input-dev (>= 2.3), x11proto-dri2-dev (>= 2.8), libxdmcp-dev (>= 1:0.99.1), libxfont-dev (>= 1:1.4.2), libxkbfile-dev (>= 1:0.99.1), libpixman-1-dev (>= 0.27.2), libpciaccess-dev (>= 0.12.901), libgcrypt-dev, nettle-dev, libudev-dev (>= 151-3) [linux-any], libselinux1-dev (>= 2.0.80) [linux-any], libaudit-dev [linux-any], x11proto-xf86dri-dev (>= 2.1.0), libdrm-dev (>= 2.4.3) [!hurd-i386], x11proto-gl-dev (>= 1.4.17), libgl1-mesa-dev (>= 9.2), libxmuu-dev (>= 1:0.99.1), libxext-dev (>= 1:0.99.1), libx11-dev (>= 2:1.6), libxrender-dev (>= 1:0.9.0), libxi-dev (>= 2:1.6.99.1), x11proto-dmx-dev (>= 1:2.2.99.1), libdmx-dev (>= 1:1.0.1), libxpm-dev (>= 1:3.5.3), libxaw7-dev (>= 1:0.99.1), libxt-dev (>= 1:0.99.1), libxmu-dev (>= 1:0.99.1), libxtst-dev (>= 1:0.99.1), libxres-dev (>= 1:0.99.1), libxfixes-dev (>= 1:3.0.0), libxv-dev, libxinerama-dev, libxshmfence-dev (>= 1.1) [!hurd-i386], libepoxy-dev [linux-any kfreebsd-any], libegl1-mesa-dev [linux-any kfreebsd-any], libgbm-dev [linux-any], libxcb1-dev, libxcb-shape0-dev, libxcb-util0-dev, libxcb-image0-dev, libxcb-icccm4-dev, libxcb-shm0-dev, libxcb-keysyms1-dev, libxcb-xv0-dev, libxcb-glx0-dev, libxcb-xf86dri0-dev (>= 1.6), xkb-data, x11-xkb-utils, libbsd-dev [kfreebsd-any], libwayland-dev [linux-any] Package-List: xdmx deb x11 optional arch=any xdmx-tools deb x11 optional arch=any xnest deb x11 optional arch=any xorg-server-source deb x11 optional arch=all xserver-common deb x11 optional arch=all xserver-xephyr deb x11 optional arch=any xserver-xorg-core deb x11 optional arch=any xserver-xorg-core-dbg deb debug extra arch=any xserver-xorg-core-udeb udeb debian-installer optional arch=alpha,amd64,armel,armhf,hppa,hurd-i386,i386,ia64,kfreebsd-amd64,kfreebsd-i386,mips,mipsel,powerpc,powerpcspe,s390 xserver-xorg-dev deb x11 optional arch=any xvfb deb x11 optional arch=any xwayland deb x11 optional arch=linux-any Checksums-Sha1: 7721e30102f6a95740998c5994aaf1440af0a751 8119705 xorg-server_1.16.2.901.orig.tar.gz 73667248ad44ecdc223d3f6c8760c18f3739b5d0 105554 xorg-server_1.16.2.901-1.diff.gz Checksums-Sha256: f54ed6143323ac39af6dff041ce2f47dce24c01c1b80092b8a6d0ca10817fd81 8119705 xorg-server_1.16.2.901.orig.tar.gz 2a276ee12ff1bd8b2e3dfbc34348e1a126fc6a44e2cff7364d5186e45c08ee11 105554 xorg-server_1.16.2.901-1.diff.gz Files: b2d2353f0288be8fa79f7570972f010b 8119705 xorg-server_1.16.2.901.orig.tar.gz 54b66c77d17e8b1075ad14f86ed9b436 105554 xorg-server_1.16.2.901-1.diff.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJUh2mGAAoJEDEBgAUJBeQMc9UQAIigdyCtd0yahFoTa3+9SsCi Y64DllkYLyrq3jLEvyIvb9CQfIH8eVU/0mtXK3SNOWkmzpNRd013E5DnnJKKQ1Cn YJU8AOaqnUO7FUxP9vkpYlJrLoKtVV+YVU2yJJZkMQ+4uT5SpwyI1h7uRdQIpDN5 ZBXekH777Gmms3c0jTFa76Br8rUetQTA1qleZzC9THlMW7s09wqrDdKbLZaFS3ib jXmfHqUsWTOy39a5BdPZaHUTkgE89BXPypJdjLYjAu4fbv4EpQGvu/7vHVSAdh9Q TSf9M267MmEHoFLjv6mxR/bmg4Q9fjC00VSuxEfwo99LgCXcoI3/TA7fFwx8QFKk 8tJnkZ+8eF4UrCZbCPv/Lsf5YCx+HTrmmWG4RWqg3HsgwCghfHrt2lgRum0eLMr3 GPhfic6EFDCiFG/tAD2TMl01+BmVTwp3xfvQ8CElf2IPege11q1Y8e2ayk3zqZ+E 7NNzbEWuw5CEXHgnyLb4cniMCxwPcirJkZtLWu9iaK7V9unMGL1vE1t0JFdRgF3u 1C6MWddjEaf17fTe6clrcWvDFaYCqXQ/tgHHxOAvy8qi1k4Qh+PM12eWnKBGSj2z SD214IjPD30KaGAoroMQnqJRNCKk3ovKG+6cRgA1Ltp4+8EDLXo1zt391ZQ+7pYX zbhIiverxwUN6EciCzcT =HwD5 -----END PGP SIGNATURE----- Changes: xorg-server (2:1.16.2.901-1) unstable; urgency=medium * New upstream release + fb: Fix Bresenham algorithms for commonly used small segments + denial of service due to unchecked malloc in client authentication [CVE-2014-8091] + integer overflows calculating memory needs for requests [CVE-2014-8092, CVE-2014-8093, CVE-2014-8094] + out of bounds access due to not validating length or offset values in requests [CVE-2014-8095, CVE-2014-8096, CVE-2014-8097, CVE-2014-8098, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102, CVE-2014-8103] See http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ * Drop 06_Revert-fb-reorder-Bresenham-error-correction-to-avoi.diff, obsoleted by the upstream fix (closes: #752156) * 09_Xserver-man-iglx.diff: adjust Xserver man page, we disable indirect glx contexts by default. -- Julien Cristau <[email protected]> Tue, 09 Dec 2014 22:04:20 +0100