Wednesday, July 2, 2008

Security Update: XOrg Server

Three security updates plus one update to fonts has been released on -Current version of Slackware. The security updates are related to XOrg packages. Soon, Slackware might migrate to XOrg 1.5 which has been released, but that would be in the next cycle of the -Current tree (it hasn't officially started yet).

Here's the latest -Current changelog:
Tue Jul 1 13:29:45 CDT 2008
Upgraded to wqy-zenhei-font-ttf-0.6.26-0.
Thanks to the WenQuanYi font authors for producing such a high-quality font.

Upgraded xorg-server to address denial of service and possible arbitrary code execution flaws reported in xorg-server 1.4 prior to 1.4.2.
For more information about the issues patched, please refer to:
(* Security fix *)

x/xorg-server-xnest-1.4.2-i486-1.tgz: Security fixes (see CVE entries above).
(* Security fix *)

x/xorg-server-xvfb-1.4.2-i486-1.tgz: Security fixes (see CVE entries above).
(* Security fix *)