Re: CVE Request: xorg-server and pixman

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/04/2013 07:46 AM, Jamie Strandboge wrote:
> On 12/04/2013 01:09 AM, Murray McAllister wrote:
> > On 12/04/2013 03:32 PM, Kurt Seifried wrote:
> > > On 12/03/2013 10:54 AM, Jamie Strandboge wrote:
> > >
> > > > Hi,
> > >
> > > > This bug has been public since August but I could find a CVE
> > > > for it: https://launchpad.net/bugs/1197921
> > >
> > > > There are two bugs - Xorg can be made to crash and pixman
> > > > can trigger the aformentioned Xorg crash. A simplified
> > > > reproducer is in the pixman patches with another reproducer
> > > > in the Launchpad bug. The xorg
> > >
> > > > xorg-server - exa: only draw valid trapezoids The patch was 
> > > > submitted in October but doesn't seem to be applied yet, so
> > > > I'm CC'ing xorg_security. Patch references the pixman f.d.o
> > > > bug, but doesn't seem to have an associated xorg bug. 
> > > > http://patchwork.freedesktop.org/patch/14769/ 
> > > > http://lists.x.org/archives/xorg-devel/2013-October/037996.html
> > >
> > > >
Pixman - Corrupted CustomShape crashes Xorg
> > > > https://bugs.freedesktop.org/show_bug.cgi?id=67484 Patch: - 
> > > > 5e14da97f16e421d084a9e735be21b1025150f0c (fix) - 
> > > > 2f876cf86718d3dd9b3b04ae9552530edafe58a1 (test case)
> > >
> > > > Thanks!
> > >
> > >
> > > So only x.org crashes, you can trigger it via X.org, or via
> > > pixman? or is pixman also crashing?
> >
> > From https://bugs.freedesktop.org/show_bug.cgi?id=67484 and 
> > http://patchwork.freedesktop.org/patch/14769/ it sounded like it
> > would affect both 1) crash an application using pixman 2) crash
> > the X server
> >
> > Is that correct?
>
> AIUI, this is correct. See: 
> https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/1197921/comments/28
>
>  "No, it really is a bug in pixman too. I just fixed the same
> comparison that happens in xorg-server, but pixman is still
> affected."

Thanks. Please use CVE-2013-6424 for the issue in xorg-server

Please use CVE-2013-6425 for the issue in pixman.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQIcBAEBAgAGBQJSn26cAAoJEBYNRVNeJnmTguYP/3TopPXbCDX05nRTa66Ujpbr
A27KAVV/f9kRJInqKAND9pPqn3gxqlMdTyHftFsffn9qqf2b09rnO5jGDr7w/Mcp
L/0kXWrCRLjL6ATHOtncONx98sD1xH/u+5kdx9YmsHEqj4r0zbNrKOqXHVd9hOIe
y+7LyL2zOj4sWa+jG9rzYEDSlErE8OKgpKHE2MA+4wO0Ke5CICNd07ipXz5no2fW
fKfaYvoh+95bTEKzQJT95jmbIxj8nrsYIWQSu7Cn68XUwsR7vCxZVCU5zQkk6vmi
Hxeyv4Xo4QG4z5atMgg8NwTb2xLHjay9N8nFxYTu5J10MOGMqPncp90RYCjOZe5A
pP8pKjCIxC6CtgubuwF0gMRVO4U/jSOSbU949h8TUyCQNqM2CNpTBY1kmfbkSd+X
D6UBHfz1Sx0zt98h4bPhvq4hD+jn6yTfHpad8u2CxYalr3PMyxK4HtOTBTQTpJQL
TH75F1Fy7+S+fjSaXT+jl4yqQXyGJ6coDGUzHimuBiPAOrAw4pDHAqOYwRz2LH6a
laSnDYniRuA0MY9AhLvBxoepxFtazWW25m82efZzO93ayDo2QbNNrDo8lHWXws1k
Lq4gWL7dgx/LuD3XMmdZN6nagWHYGETsYrw4w90bxUH9DFCChEj+M00I6sPSh151
ceZqoiWqnt5tCOtd2dAe
=cdlh
-----END PGP SIGNATURE-----