/srv/irclogs.ubuntu.com/2013/11/05/#ubuntu-x.txt

=== jono is now known as Guest6286
darthduckhi all21:15
darthduckI'm trying to get the "tip" of precise's xorg-server package.  I did a 'git clone git://anonscm.debian.org/pkg-xorg/xserver/xorg-server.git' followed by 'git checkout -b ubuntu remotes/origin/ubuntu-precise'21:17
darthduckbut I don't see the latest CVE patches, namely CVE-2013-1940.patch and CVE-2013-4396.patch21:18
ubottuX.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1940)21:18
ubottuUse-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4396)21:18
darthduckAm I cloning the right repo?  Am I on the wrong branch?  Any help is greatly appreciated.21:19
tjaaltondarthduck: those are not in git (yet)21:23
darthducktjaalton: thanks.  I'll copy them into my local git tree for the time being from my 'apt-get source' directory.21:58
darthduckIt appears 190_cache-xkbcomp_output_for_fast_start_up.patch has differences as well.21:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!