Hi, Luciano, On Thu, Jan 31, 2013 at 12:10:16AM +0100, Luciano Bello wrote: > Package: xserver-xorg-video-qxl > Severity: grave > Tags: security patch > Justification: user security hole > > Hi there, > Take a look to http://seclists.org/oss-sec/2013/q1/204 > Please, use CVE-2013-0241 to refer this issue. > The Debian package in unstable looks affected. Can you check if the stable > or > testings are affected too? I checked the patch, it modified following function:
qxl_handle_oom
qxl_allocnf
setup_slot
qxl_surface_cache_create_primary
download_box
qxl_allocnf exist in qxl 0.0.12, but it have not use ioport_write
function, other function don't exist in qxl 0.0.12.
Could you please check wheather this bug affect qxl in squeeze ?
Thanks and Regards,
--
Liang Guo
http://bluestone.cublog.cn
signature.asc
Description: Digital signature
