Ranjivost programskog paketa xorg

==========================================================================
Ubuntu Security Notice USN-1349-1
January 26, 2012

xorg vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS

Summary:

X could be made to start by a user who lacked appropriate permissions.

Software Description:
- xorg: X.Org X Window System

Details:

It was discovered that the X wrapper incorrectly checked certain console
permissions when launched by unprivileged users. An attacker connected
remotely could use this flaw to start X, bypassing the console permissions
check.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
xserver-xorg 1:7.6+7ubuntu7.1

Ubuntu 11.04:
xserver-xorg 1:7.6+4ubuntu3.2

Ubuntu 10.10:
xserver-xorg 1:7.5+6ubuntu3.1

Ubuntu 10.04 LTS:
xserver-xorg 1:7.5+5ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1349-1
CVE-2011-4613

Package Information:
https://launchpad.net/ubuntu/+source/xorg/1:7.6+7ubuntu7.1
https://launchpad.net/ubuntu/+source/xorg/1:7.6+4ubuntu3.2
https://launchpad.net/ubuntu/+source/xorg/1:7.5+6ubuntu3.1
https://launchpad.net/ubuntu/+source/xorg/1:7.5+5ubuntu1.1

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAABCgAGBQJPIZ4WAAoJEGVp2FWnRL6TEqwQAIveOI36ShwzqPoe3dmGnTlI
dCBx9Sp1I25E72tm9SKNfmLjxLT10t9EcAt9mAuqsxx5PAfx22IXkAHXE35MkFNF
Ypnd3ktWxLUxg5K8FsNTKBs77uBIoY9U6hXxsafze3cr1EVzCMR+pQo6/xMzIoqa
2Brr4a2+vL0gAJqL5XtCtJIhDpF/8DznXDLszMfQGOXH1QlRUnvgc4OSx+4aXvXU
LEAup4kgJWmK5JSLwoRngZcRo5CYIALFuAfQUdnFKdw8ItbjvpfCGz4uUiMZ+cFj
g7ymy0v8A7hyqh5W2vTZP3EpStsn27efqjlj6xm4ECu2qpCJVIu1GaIv0e4yct5S
JKz88nc9bpK0KRmz5PsB+mkBumOCv5++wLSbqNUecx24JjKg3O0Punc27kxxyKJ8
VDkxxfuoFNmRVD25IHn9oLuSfmESQRKK7IOaerFEvjigQEdM+ITVrHlp/9HATTgX
UanJHC9XeDVdLHtRQZp/L5X/8129e7Fln4bPcpQwoSodmGo0vcd3qxaY0RI+/8+S
w3QUb/09Wzmdt9qEBchSdAy1cabErinPkxtrO6ITOXtd6+NFMiebYakWPX8LExCo
VJ3pdQ3p/2sxrjQpcvZQZwcYj7ulEHNz80b7+zvxmqpG3Cp9y2lQUXyCcjm2TM5E
ZluHU8yPXD2G5BdCf64K
=kHGa
-----END PGP SIGNATURE-----
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce