This bug was fixed in the package xorg-server-hwe-16.04 -
2:1.19.3-1ubuntu1~16.04.2
---------------
xorg-server-hwe-16.04 (2:1.19.3-1ubuntu1~16.04.2) xenial; urgency=medium
* SECURITY UPDATE: DoS and possible code execution in endianness
conversion of X Events
- debian/patches/CVE-2017-10971-1.patch: do not try to swap
GenericEvent in Xi/sendexev.c.
- debian/patches/CVE-2017-10971-2.patch: verify all events in
ProcXSendExtensionEvent in Xi/sendexev.c.
- debian/patches/CVE-2017-10971-3.patch: disallow GenericEvent in
SendEvent request in dix/events.c, dix/swapreq.c.
- CVE-2017-10971
* SECURITY UPDATE: information leak in XEvent handling
- debian/patches/CVE-2017-10972.patch: zero target buffer in
SProcXSendExtensionEvent in Xi/sendexev.c.
- CVE-2017-10972
-- Marc Deslauriers <marc.deslauri...@ubuntu.com> Tue, 25 Jul 2017
09:04:30 -0400
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libdrm in Ubuntu.
https://bugs.launchpad.net/bugs/1687981
Title:
Backport packages for 16.04.3 HWE stack
Status in libclc package in Ubuntu:
Invalid
Status in libdrm package in Ubuntu:
Invalid
Status in libinput package in Ubuntu:
Invalid
Status in libwacom package in Ubuntu:
Invalid
Status in libxfont package in Ubuntu:
Invalid
Status in libxfont2 package in Ubuntu:
Invalid
Status in llvm-toolchain-4.0 package in Ubuntu:
Invalid
Status in mesa package in Ubuntu:
Invalid
Status in virtualbox-hwe package in Ubuntu:
Fix Released
Status in vulkan package in Ubuntu:
Invalid
Status in wayland package in Ubuntu:
Invalid
Status in x11proto-core package in Ubuntu:
Invalid
Status in xfonts-utils package in Ubuntu:
Invalid
Status in xorg-hwe-16.04 package in Ubuntu:
Invalid
Status in xorg-server package in Ubuntu:
Invalid
Status in xorg-server-hwe-16.04 package in Ubuntu:
Invalid
Status in libclc source package in Xenial:
Fix Released
Status in libdrm source package in Xenial:
Fix Released
Status in libinput source package in Xenial:
Fix Released
Status in libwacom source package in Xenial:
Fix Released
Status in libxfont source package in Xenial:
Fix Released
Status in libxfont2 source package in Xenial:
Fix Released
Status in llvm-toolchain-4.0 source package in Xenial:
Fix Released
Status in mesa source package in Xenial:
Fix Released
Status in vulkan source package in Xenial:
Fix Released
Status in wayland source package in Xenial:
Fix Released
Status in x11proto-core source package in Xenial:
Fix Released
Status in xfonts-utils source package in Xenial:
Fix Released
Status in xorg-hwe-16.04 source package in Xenial:
Fix Released
Status in xorg-server source package in Xenial:
Invalid
Status in xorg-server-hwe-16.04 source package in Xenial:
Fix Released
Bug description:
[Impact]
*** hwe-16.04 refresh for 16.04.3 ***
Revert changes to use debhelper10.
xorg-server-hwe-16.04 needs updates
- wayland 1.11 (but zesty has 1.12 which mesa needs so backport that)
- x11proto-core 7.0.31
- libxfont-dev 2.0.1, which also means backporting libxfont1 (NEW)
x-x-i-libinput will not replace -evdev in x-x-i-all-hwe-16.04 because the
unity mouse config doesn't work with -libinput.
x-x-i-libinput needs newer libinput, which in turn needs libwacom update.
Mesa needs llvm-4.0 and libclc, libdrm, wayland updates.
[Test case]
upgrade from/to stock & old hwe stack, test desktop usage
[Regression potential]
zesty hasn't blown up
[Other information]
build order:
1. x11proto-core, libdrm, libxfont, libxfont1, libwacom, llvm-toolchain-4.0,
vulkan, wayland
2. libclc, libinput, xorg-server (build-dep libxfont1-dev)
3. mesa, xorg-server-hwe-16.04
4. drivers
5. xorg-hwe-16.04
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libclc/+bug/1687981/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
