| === jono is now known as Guest6286 | ||
| darthduck | hi all | 21:15 |
|---|---|---|
| darthduck | I'm trying to get the "tip" of precise's xorg-server package. I did a 'git clone git://anonscm.debian.org/pkg-xorg/xserver/xorg-server.git' followed by 'git checkout -b ubuntu remotes/origin/ubuntu-precise' | 21:17 |
| darthduck | but I don't see the latest CVE patches, namely CVE-2013-1940.patch and CVE-2013-4396.patch | 21:18 |
| ubottu | X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1940) | 21:18 |
| ubottu | Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4396) | 21:18 |
| darthduck | Am I cloning the right repo? Am I on the wrong branch? Any help is greatly appreciated. | 21:19 |
| tjaalton | darthduck: those are not in git (yet) | 21:23 |
| darthduck | tjaalton: thanks. I'll copy them into my local git tree for the time being from my 'apt-get source' directory. | 21:58 |
| darthduck | It appears 190_cache-xkbcomp_output_for_fast_start_up.patch has differences as well. | 21:59 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!