Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2019.2971
Xorg security and bug fix update
7 August 2019
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Xorg
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux Server 7
Red Hat Enterprise Linux WS/Desktop 7
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Denial of Service -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2018-15864 CVE-2018-15863 CVE-2018-15862
CVE-2018-15861 CVE-2018-15859 CVE-2018-15857
CVE-2018-15856 CVE-2018-15855 CVE-2018-15854
CVE-2018-15853 CVE-2018-14600 CVE-2018-14599
CVE-2018-14598
Reference: ESB-2018.2582
ESB-2018.2562
Original Bulletin:
https://access.redhat.com/errata/RHSA-2019:2079
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Xorg security and bug fix update
Advisory ID: RHSA-2019:2079-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2019:2079
Issue date: 2019-08-06
CVE Names: CVE-2018-14598 CVE-2018-14599 CVE-2018-14600
CVE-2018-15853 CVE-2018-15854 CVE-2018-15855
CVE-2018-15856 CVE-2018-15857 CVE-2018-15859
CVE-2018-15861 CVE-2018-15862 CVE-2018-15863
CVE-2018-15864
=====================================================================
1. Summary:
An update for Xorg is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
3. Description:
X.Org is an open-source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.
Security Fix(es):
* libX11: Crash on invalid reply in XListExtensions in ListExt.c
(CVE-2018-14598)
* libX11: Off-by-one error in XListExtensions in ListExt.c (CVE-2018-14599)
* libX11: Out of Bounds write in XListExtensions in ListExt.c
(CVE-2018-14600)
* libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a
crash (CVE-2018-15857)
* libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash
(CVE-2018-15853)
* libxkbcommon: NULL pointer dereference resulting in a crash
(CVE-2018-15854)
* libxkbcommon: NULL pointer dereference when handling xkb_geometry
(CVE-2018-15855)
* libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a
crash (CVE-2018-15856)
* libxkbcommon: NULL pointer dereference when parsing invalid atoms in
ExprResolveLhs resulting in a crash (CVE-2018-15859)
* libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a
crash (CVE-2018-15861)
* libxkbcommon: NULL pointer dereference in LookupModMask resulting in a
crash (CVE-2018-15862)
* libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate
resulting in a crash (CVE-2018-15863)
* libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a
crash (CVE-2018-15864)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.7 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1529419 - RHEL-7.5-Alpha Message log show " fatal IO error 11 (Resource temporarily unavailable) on X server ":9""
1623009 - CVE-2018-15853 libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash
1623012 - CVE-2018-15854 libxkbcommon: NULL pointer dereference resulting in a crash
1623013 - CVE-2018-15855 libxkbcommon: NULL pointer dereference when handling xkb_geometry
1623018 - CVE-2018-15856 libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a crash
1623022 - CVE-2018-15857 libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash
1623026 - CVE-2018-15859 libxkbcommon: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash
1623028 - CVE-2018-15861 libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash
1623029 - CVE-2018-15862 libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash
1623030 - CVE-2018-15863 libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash
1623033 - CVE-2018-15864 libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash
1623238 - CVE-2018-14598 libX11: Crash on invalid reply in XListExtensions in ListExt.c
1623242 - CVE-2018-14600 libX11: Out of Bounds write in XListExtensions in ListExt.c
1623250 - CVE-2018-14599 libX11: Off-by-one error in XListExtensions in ListExt.c
1624847 - [RHEL 7.6 Bug] Can not install with graphic mode or boot into graphic mode
1632807 - User session is terminated after User Switch
1635747 - Switching users in GNOME session is starting new X servers for the user, and a user logout is making it unusable.
1642197 - Cintiq 27QHD triggers error messages on proximity in
1648116 - radeon caicos family GPU locks up in ring 0 after update to 7.6
1650166 - Xorg crash after RHEL7.6 update
1650634 - FBDEV(1): FBIOPUTCMAP and xorg fails to load
1665433 - [Hyper-V][RHEL 7.6]Startx will have segment fault with hyper-V environment
1674474 - Xorg crashes with SIGABRT with radeon driver
1680120 - Killing inactive user causes active session to fail
1724300 - visual lag and screen update delays with libX11
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
gdm-3.28.2-16.el7.src.rpm
libX11-1.6.7-2.el7.src.rpm
libxkbcommon-0.7.1-3.el7.src.rpm
xorg-x11-drv-ati-19.0.1-2.el7.src.rpm
xorg-x11-drv-vesa-2.4.0-3.el7.src.rpm
xorg-x11-drv-wacom-0.36.1-3.el7.src.rpm
xorg-x11-server-1.20.4-7.el7.src.rpm
noarch:
libX11-common-1.6.7-2.el7.noarch.rpm
x86_64:
gdm-3.28.2-16.el7.i686.rpm
gdm-3.28.2-16.el7.x86_64.rpm
gdm-debuginfo-3.28.2-16.el7.i686.rpm
gdm-debuginfo-3.28.2-16.el7.x86_64.rpm
libX11-1.6.7-2.el7.i686.rpm
libX11-1.6.7-2.el7.x86_64.rpm
libX11-debuginfo-1.6.7-2.el7.i686.rpm
libX11-debuginfo-1.6.7-2.el7.x86_64.rpm
libX11-devel-1.6.7-2.el7.i686.rpm
libX11-devel-1.6.7-2.el7.x86_64.rpm
libxkbcommon-0.7.1-3.el7.i686.rpm
libxkbcommon-0.7.1-3.el7.x86_64.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.i686.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.x86_64.rpm
libxkbcommon-x11-0.7.1-3.el7.i686.rpm
libxkbcommon-x11-0.7.1-3.el7.x86_64.rpm
xorg-x11-drv-ati-19.0.1-2.el7.x86_64.rpm
xorg-x11-drv-ati-debuginfo-19.0.1-2.el7.x86_64.rpm
xorg-x11-drv-vesa-2.4.0-3.el7.x86_64.rpm
xorg-x11-drv-vesa-debuginfo-2.4.0-3.el7.x86_64.rpm
xorg-x11-drv-wacom-0.36.1-3.el7.x86_64.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.x86_64.rpm
xorg-x11-server-Xephyr-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xorg-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-common-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch:
xorg-x11-server-source-1.20.4-7.el7.noarch.rpm
x86_64:
gdm-debuginfo-3.28.2-16.el7.i686.rpm
gdm-debuginfo-3.28.2-16.el7.x86_64.rpm
gdm-devel-3.28.2-16.el7.i686.rpm
gdm-devel-3.28.2-16.el7.x86_64.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.i686.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.x86_64.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.i686.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.x86_64.rpm
libxkbcommon-devel-0.7.1-3.el7.i686.rpm
libxkbcommon-devel-0.7.1-3.el7.x86_64.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.i686.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.x86_64.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.i686.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.x86_64.rpm
xorg-x11-drv-wacom-devel-0.36.1-3.el7.i686.rpm
xorg-x11-drv-wacom-devel-0.36.1-3.el7.x86_64.rpm
xorg-x11-server-Xdmx-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xnest-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xvfb-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xwayland-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.i686.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-devel-1.20.4-7.el7.i686.rpm
xorg-x11-server-devel-1.20.4-7.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
libX11-1.6.7-2.el7.src.rpm
libxkbcommon-0.7.1-3.el7.src.rpm
noarch:
libX11-common-1.6.7-2.el7.noarch.rpm
x86_64:
libX11-1.6.7-2.el7.i686.rpm
libX11-1.6.7-2.el7.x86_64.rpm
libX11-debuginfo-1.6.7-2.el7.i686.rpm
libX11-debuginfo-1.6.7-2.el7.x86_64.rpm
libxkbcommon-0.7.1-3.el7.i686.rpm
libxkbcommon-0.7.1-3.el7.x86_64.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.i686.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
Source:
gdm-3.28.2-16.el7.src.rpm
xorg-x11-drv-wacom-0.36.1-3.el7.src.rpm
xorg-x11-server-1.20.4-7.el7.src.rpm
noarch:
xorg-x11-server-source-1.20.4-7.el7.noarch.rpm
x86_64:
gdm-3.28.2-16.el7.i686.rpm
gdm-3.28.2-16.el7.x86_64.rpm
gdm-debuginfo-3.28.2-16.el7.i686.rpm
gdm-debuginfo-3.28.2-16.el7.x86_64.rpm
gdm-devel-3.28.2-16.el7.i686.rpm
gdm-devel-3.28.2-16.el7.x86_64.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.i686.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.x86_64.rpm
libX11-debuginfo-1.6.7-2.el7.i686.rpm
libX11-debuginfo-1.6.7-2.el7.x86_64.rpm
libX11-devel-1.6.7-2.el7.i686.rpm
libX11-devel-1.6.7-2.el7.x86_64.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.i686.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.x86_64.rpm
libxkbcommon-devel-0.7.1-3.el7.i686.rpm
libxkbcommon-devel-0.7.1-3.el7.x86_64.rpm
libxkbcommon-x11-0.7.1-3.el7.i686.rpm
libxkbcommon-x11-0.7.1-3.el7.x86_64.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.i686.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.x86_64.rpm
xorg-x11-drv-wacom-0.36.1-3.el7.x86_64.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.i686.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.x86_64.rpm
xorg-x11-drv-wacom-devel-0.36.1-3.el7.i686.rpm
xorg-x11-drv-wacom-devel-0.36.1-3.el7.x86_64.rpm
xorg-x11-server-Xdmx-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xephyr-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xnest-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xorg-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xvfb-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xwayland-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-common-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.i686.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-devel-1.20.4-7.el7.i686.rpm
xorg-x11-server-devel-1.20.4-7.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
gdm-3.28.2-16.el7.src.rpm
libX11-1.6.7-2.el7.src.rpm
libxkbcommon-0.7.1-3.el7.src.rpm
mesa-libGLw-8.0.0-5.el7.src.rpm
xorg-x11-drv-ati-19.0.1-2.el7.src.rpm
xorg-x11-drv-vesa-2.4.0-3.el7.src.rpm
xorg-x11-drv-wacom-0.36.1-3.el7.src.rpm
xorg-x11-server-1.20.4-7.el7.src.rpm
noarch:
libX11-common-1.6.7-2.el7.noarch.rpm
ppc64:
gdm-3.28.2-16.el7.ppc.rpm
gdm-3.28.2-16.el7.ppc64.rpm
gdm-debuginfo-3.28.2-16.el7.ppc.rpm
gdm-debuginfo-3.28.2-16.el7.ppc64.rpm
libX11-1.6.7-2.el7.ppc.rpm
libX11-1.6.7-2.el7.ppc64.rpm
libX11-debuginfo-1.6.7-2.el7.ppc.rpm
libX11-debuginfo-1.6.7-2.el7.ppc64.rpm
libX11-devel-1.6.7-2.el7.ppc.rpm
libX11-devel-1.6.7-2.el7.ppc64.rpm
libxkbcommon-0.7.1-3.el7.ppc.rpm
libxkbcommon-0.7.1-3.el7.ppc64.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.ppc.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.ppc64.rpm
libxkbcommon-devel-0.7.1-3.el7.ppc.rpm
libxkbcommon-devel-0.7.1-3.el7.ppc64.rpm
libxkbcommon-x11-0.7.1-3.el7.ppc.rpm
libxkbcommon-x11-0.7.1-3.el7.ppc64.rpm
mesa-libGLw-8.0.0-5.el7.ppc.rpm
mesa-libGLw-8.0.0-5.el7.ppc64.rpm
mesa-libGLw-debuginfo-8.0.0-5.el7.ppc.rpm
mesa-libGLw-debuginfo-8.0.0-5.el7.ppc64.rpm
mesa-libGLw-devel-8.0.0-5.el7.ppc.rpm
mesa-libGLw-devel-8.0.0-5.el7.ppc64.rpm
xorg-x11-drv-ati-19.0.1-2.el7.ppc64.rpm
xorg-x11-drv-ati-debuginfo-19.0.1-2.el7.ppc64.rpm
xorg-x11-drv-wacom-0.36.1-3.el7.ppc64.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.ppc64.rpm
xorg-x11-server-Xephyr-1.20.4-7.el7.ppc64.rpm
xorg-x11-server-Xorg-1.20.4-7.el7.ppc64.rpm
xorg-x11-server-common-1.20.4-7.el7.ppc64.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.ppc64.rpm
ppc64le:
gdm-3.28.2-16.el7.ppc64le.rpm
gdm-debuginfo-3.28.2-16.el7.ppc64le.rpm
libX11-1.6.7-2.el7.ppc64le.rpm
libX11-debuginfo-1.6.7-2.el7.ppc64le.rpm
libX11-devel-1.6.7-2.el7.ppc64le.rpm
libxkbcommon-0.7.1-3.el7.ppc64le.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.ppc64le.rpm
libxkbcommon-devel-0.7.1-3.el7.ppc64le.rpm
libxkbcommon-x11-0.7.1-3.el7.ppc64le.rpm
mesa-libGLw-8.0.0-5.el7.ppc64le.rpm
mesa-libGLw-debuginfo-8.0.0-5.el7.ppc64le.rpm
mesa-libGLw-devel-8.0.0-5.el7.ppc64le.rpm
xorg-x11-drv-ati-19.0.1-2.el7.ppc64le.rpm
xorg-x11-drv-ati-debuginfo-19.0.1-2.el7.ppc64le.rpm
xorg-x11-drv-wacom-0.36.1-3.el7.ppc64le.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.ppc64le.rpm
xorg-x11-server-Xephyr-1.20.4-7.el7.ppc64le.rpm
xorg-x11-server-Xorg-1.20.4-7.el7.ppc64le.rpm
xorg-x11-server-common-1.20.4-7.el7.ppc64le.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.ppc64le.rpm
s390x:
gdm-3.28.2-16.el7.s390.rpm
gdm-3.28.2-16.el7.s390x.rpm
gdm-debuginfo-3.28.2-16.el7.s390.rpm
gdm-debuginfo-3.28.2-16.el7.s390x.rpm
libX11-1.6.7-2.el7.s390.rpm
libX11-1.6.7-2.el7.s390x.rpm
libX11-debuginfo-1.6.7-2.el7.s390.rpm
libX11-debuginfo-1.6.7-2.el7.s390x.rpm
libX11-devel-1.6.7-2.el7.s390.rpm
libX11-devel-1.6.7-2.el7.s390x.rpm
libxkbcommon-0.7.1-3.el7.s390.rpm
libxkbcommon-0.7.1-3.el7.s390x.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.s390.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.s390x.rpm
libxkbcommon-devel-0.7.1-3.el7.s390.rpm
libxkbcommon-devel-0.7.1-3.el7.s390x.rpm
libxkbcommon-x11-0.7.1-3.el7.s390.rpm
libxkbcommon-x11-0.7.1-3.el7.s390x.rpm
mesa-libGLw-8.0.0-5.el7.s390.rpm
mesa-libGLw-8.0.0-5.el7.s390x.rpm
mesa-libGLw-debuginfo-8.0.0-5.el7.s390.rpm
mesa-libGLw-debuginfo-8.0.0-5.el7.s390x.rpm
mesa-libGLw-devel-8.0.0-5.el7.s390.rpm
mesa-libGLw-devel-8.0.0-5.el7.s390x.rpm
xorg-x11-server-Xephyr-1.20.4-7.el7.s390x.rpm
xorg-x11-server-common-1.20.4-7.el7.s390x.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.s390x.rpm
x86_64:
gdm-3.28.2-16.el7.i686.rpm
gdm-3.28.2-16.el7.x86_64.rpm
gdm-debuginfo-3.28.2-16.el7.i686.rpm
gdm-debuginfo-3.28.2-16.el7.x86_64.rpm
libX11-1.6.7-2.el7.i686.rpm
libX11-1.6.7-2.el7.x86_64.rpm
libX11-debuginfo-1.6.7-2.el7.i686.rpm
libX11-debuginfo-1.6.7-2.el7.x86_64.rpm
libX11-devel-1.6.7-2.el7.i686.rpm
libX11-devel-1.6.7-2.el7.x86_64.rpm
libxkbcommon-0.7.1-3.el7.i686.rpm
libxkbcommon-0.7.1-3.el7.x86_64.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.i686.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.x86_64.rpm
libxkbcommon-devel-0.7.1-3.el7.i686.rpm
libxkbcommon-devel-0.7.1-3.el7.x86_64.rpm
libxkbcommon-x11-0.7.1-3.el7.i686.rpm
libxkbcommon-x11-0.7.1-3.el7.x86_64.rpm
mesa-libGLw-8.0.0-5.el7.i686.rpm
mesa-libGLw-8.0.0-5.el7.x86_64.rpm
mesa-libGLw-debuginfo-8.0.0-5.el7.i686.rpm
mesa-libGLw-debuginfo-8.0.0-5.el7.x86_64.rpm
mesa-libGLw-devel-8.0.0-5.el7.i686.rpm
mesa-libGLw-devel-8.0.0-5.el7.x86_64.rpm
xorg-x11-drv-ati-19.0.1-2.el7.x86_64.rpm
xorg-x11-drv-ati-debuginfo-19.0.1-2.el7.x86_64.rpm
xorg-x11-drv-vesa-2.4.0-3.el7.x86_64.rpm
xorg-x11-drv-vesa-debuginfo-2.4.0-3.el7.x86_64.rpm
xorg-x11-drv-wacom-0.36.1-3.el7.x86_64.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.x86_64.rpm
xorg-x11-server-Xephyr-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xorg-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-common-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
xorg-x11-server-source-1.20.4-7.el7.noarch.rpm
ppc64:
gdm-debuginfo-3.28.2-16.el7.ppc.rpm
gdm-debuginfo-3.28.2-16.el7.ppc64.rpm
gdm-devel-3.28.2-16.el7.ppc.rpm
gdm-devel-3.28.2-16.el7.ppc64.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.ppc.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.ppc64.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.ppc.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.ppc64.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.ppc.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.ppc64.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.ppc.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.ppc64.rpm
xorg-x11-drv-wacom-devel-0.36.1-3.el7.ppc.rpm
xorg-x11-drv-wacom-devel-0.36.1-3.el7.ppc64.rpm
xorg-x11-server-Xdmx-1.20.4-7.el7.ppc64.rpm
xorg-x11-server-Xnest-1.20.4-7.el7.ppc64.rpm
xorg-x11-server-Xvfb-1.20.4-7.el7.ppc64.rpm
xorg-x11-server-Xwayland-1.20.4-7.el7.ppc64.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.ppc.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.ppc64.rpm
xorg-x11-server-devel-1.20.4-7.el7.ppc.rpm
xorg-x11-server-devel-1.20.4-7.el7.ppc64.rpm
ppc64le:
gdm-debuginfo-3.28.2-16.el7.ppc64le.rpm
gdm-devel-3.28.2-16.el7.ppc64le.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.ppc64le.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.ppc64le.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.ppc64le.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.ppc64le.rpm
xorg-x11-drv-wacom-devel-0.36.1-3.el7.ppc64le.rpm
xorg-x11-server-Xdmx-1.20.4-7.el7.ppc64le.rpm
xorg-x11-server-Xnest-1.20.4-7.el7.ppc64le.rpm
xorg-x11-server-Xvfb-1.20.4-7.el7.ppc64le.rpm
xorg-x11-server-Xwayland-1.20.4-7.el7.ppc64le.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.ppc64le.rpm
xorg-x11-server-devel-1.20.4-7.el7.ppc64le.rpm
s390x:
gdm-debuginfo-3.28.2-16.el7.s390.rpm
gdm-debuginfo-3.28.2-16.el7.s390x.rpm
gdm-devel-3.28.2-16.el7.s390.rpm
gdm-devel-3.28.2-16.el7.s390x.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.s390.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.s390x.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.s390.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.s390x.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.s390.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.s390x.rpm
xorg-x11-server-Xdmx-1.20.4-7.el7.s390x.rpm
xorg-x11-server-Xnest-1.20.4-7.el7.s390x.rpm
xorg-x11-server-Xvfb-1.20.4-7.el7.s390x.rpm
xorg-x11-server-Xwayland-1.20.4-7.el7.s390x.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.s390x.rpm
x86_64:
gdm-debuginfo-3.28.2-16.el7.i686.rpm
gdm-debuginfo-3.28.2-16.el7.x86_64.rpm
gdm-devel-3.28.2-16.el7.i686.rpm
gdm-devel-3.28.2-16.el7.x86_64.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.i686.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.x86_64.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.i686.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.x86_64.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.i686.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.x86_64.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.i686.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.x86_64.rpm
xorg-x11-drv-wacom-devel-0.36.1-3.el7.i686.rpm
xorg-x11-drv-wacom-devel-0.36.1-3.el7.x86_64.rpm
xorg-x11-server-Xdmx-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xnest-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xvfb-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xwayland-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.i686.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-devel-1.20.4-7.el7.i686.rpm
xorg-x11-server-devel-1.20.4-7.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
gdm-3.28.2-16.el7.src.rpm
libX11-1.6.7-2.el7.src.rpm
libxkbcommon-0.7.1-3.el7.src.rpm
mesa-libGLw-8.0.0-5.el7.src.rpm
xorg-x11-drv-ati-19.0.1-2.el7.src.rpm
xorg-x11-drv-vesa-2.4.0-3.el7.src.rpm
xorg-x11-drv-wacom-0.36.1-3.el7.src.rpm
xorg-x11-server-1.20.4-7.el7.src.rpm
noarch:
libX11-common-1.6.7-2.el7.noarch.rpm
x86_64:
gdm-3.28.2-16.el7.i686.rpm
gdm-3.28.2-16.el7.x86_64.rpm
gdm-debuginfo-3.28.2-16.el7.i686.rpm
gdm-debuginfo-3.28.2-16.el7.x86_64.rpm
libX11-1.6.7-2.el7.i686.rpm
libX11-1.6.7-2.el7.x86_64.rpm
libX11-debuginfo-1.6.7-2.el7.i686.rpm
libX11-debuginfo-1.6.7-2.el7.x86_64.rpm
libX11-devel-1.6.7-2.el7.i686.rpm
libX11-devel-1.6.7-2.el7.x86_64.rpm
libxkbcommon-0.7.1-3.el7.i686.rpm
libxkbcommon-0.7.1-3.el7.x86_64.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.i686.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.x86_64.rpm
libxkbcommon-devel-0.7.1-3.el7.i686.rpm
libxkbcommon-devel-0.7.1-3.el7.x86_64.rpm
libxkbcommon-x11-0.7.1-3.el7.i686.rpm
libxkbcommon-x11-0.7.1-3.el7.x86_64.rpm
mesa-libGLw-8.0.0-5.el7.i686.rpm
mesa-libGLw-8.0.0-5.el7.x86_64.rpm
mesa-libGLw-debuginfo-8.0.0-5.el7.i686.rpm
mesa-libGLw-debuginfo-8.0.0-5.el7.x86_64.rpm
mesa-libGLw-devel-8.0.0-5.el7.i686.rpm
mesa-libGLw-devel-8.0.0-5.el7.x86_64.rpm
xorg-x11-drv-ati-19.0.1-2.el7.x86_64.rpm
xorg-x11-drv-ati-debuginfo-19.0.1-2.el7.x86_64.rpm
xorg-x11-drv-vesa-2.4.0-3.el7.x86_64.rpm
xorg-x11-drv-vesa-debuginfo-2.4.0-3.el7.x86_64.rpm
xorg-x11-drv-wacom-0.36.1-3.el7.x86_64.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.x86_64.rpm
xorg-x11-server-Xephyr-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xorg-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-common-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch:
xorg-x11-server-source-1.20.4-7.el7.noarch.rpm
x86_64:
gdm-debuginfo-3.28.2-16.el7.i686.rpm
gdm-debuginfo-3.28.2-16.el7.x86_64.rpm
gdm-devel-3.28.2-16.el7.i686.rpm
gdm-devel-3.28.2-16.el7.x86_64.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.i686.rpm
gdm-pam-extensions-devel-3.28.2-16.el7.x86_64.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.i686.rpm
libxkbcommon-debuginfo-0.7.1-3.el7.x86_64.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.i686.rpm
libxkbcommon-x11-devel-0.7.1-3.el7.x86_64.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.i686.rpm
xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.x86_64.rpm
xorg-x11-drv-wacom-devel-0.36.1-3.el7.i686.rpm
xorg-x11-drv-wacom-devel-0.36.1-3.el7.x86_64.rpm
xorg-x11-server-Xdmx-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xnest-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xvfb-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-Xwayland-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.i686.rpm
xorg-x11-server-debuginfo-1.20.4-7.el7.x86_64.rpm
xorg-x11-server-devel-1.20.4-7.el7.i686.rpm
xorg-x11-server-devel-1.20.4-7.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2018-14598
https://access.redhat.com/security/cve/CVE-2018-14599
https://access.redhat.com/security/cve/CVE-2018-14600
https://access.redhat.com/security/cve/CVE-2018-15853
https://access.redhat.com/security/cve/CVE-2018-15854
https://access.redhat.com/security/cve/CVE-2018-15855
https://access.redhat.com/security/cve/CVE-2018-15856
https://access.redhat.com/security/cve/CVE-2018-15857
https://access.redhat.com/security/cve/CVE-2018-15859
https://access.redhat.com/security/cve/CVE-2018-15861
https://access.redhat.com/security/cve/CVE-2018-15862
https://access.redhat.com/security/cve/CVE-2018-15863
https://access.redhat.com/security/cve/CVE-2018-15864
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXUl289zjgjWX9erEAQij/xAAnDVdq/xFYu1HgIoo5x4aW6WHHa08RqRU
k2xtyurW7hGwuobS5Qpo2CA0QH9rxehVqt/RTGQKKIEg4INESfIdWTPixhF/Hkne
PqsAYzxP3oPPIKOKkGcsVw5J9p9hyO3VuQunxVD3852gMEPycCh9eDzHXmIb+ZiW
XlYILiIE3srxhddEkaf/HysNmu5AUTXX7SQfZPcj06qQrpa7jia6KIW9rUMhn0Eg
DNYWLrCLJJ96FA9jAzCZyBblx7oMIBk/4nMNXWCRCSw2q/fuDoseGM6t7xZUsaBS
VS7YEIGcq7GsYoQUCvzCYfz2mYk0VqYfGtQ9QHG/aCUM5ie4yCemoFuHkRDhT5If
BfdAefOOkaDtb0m7fYZNQ6UUdAigwkihs7B9b/CrRMHl2g2qD/pC9DF9Jb7PY6Nt
GXHkhrkcSNu1GLatixo0OUE7xEtAj4nJ+MfTKEuSx6OXm5BuNYo+t+W5qJnr8j+9
lXNj6pDd5ejinC3B72ME3fBXjZYzxhnUqzTGv9yB5BEKM2Al7f5sdbES3WC9osOF
s/yO5fRgtmZIN3nH/wN5YgoWQKNZHbspszNbvJ8TomrfQbqP+x75IwZgLaHk/Vfz
bLQHxgarwVJeGpqRFoslM2sdY2oon9FFmzygwOZtgLSFBuoE4GguHH/+C6kC4xZw
EBFUYXAQKvU=
=epww
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXUpjrWaOgq3Tt24GAQgOgA//Qci7E42qt/pV7mgjGT5zMTMtcPLrZfAM
6A9CnK4xUcoYeacvw7vPqTZHaD5WX344EXZl/4hr+7aysbYRnSn3ODTWZQMkSJ7s
EJYuoiMuf6ftpzqNlXazpgUISkOGaqnzsOz8nDdlhaO+ML7pVPTT5obDNugnT3lH
ickSZK/qaDM8CHHzG4sK2Rc5Ss4SxEhLA1//BtjcwTaTUjEI8UzqkENriFWlaDnN
bSFkgOL+j9wbSFULZDHOOP1gjZUPZWpeq/CgV2pL93vANN7zTZXHQjRY5g0x71OO
mHd6YhvysA7fAvN3xepH3E8oDF/VEWuwGQaRmqt4ETt4+bQK0MSdO+b93LKDnZg0
XVqbGCduFkWg4jJwrewOh7/Wp+pydulHFt9/XK3SJmvdfYp0JYcTixjvJcAD2iUN
wOeRT66867sghQ77NyTANkXMky55kbZKFZOaLtUKt+S+L0FTQ9hAKxHZLO8BMIRs
siXgXV6t0Lz+l69Y8TtahV6iFqVE89/lMZaO6Q++pe+LCDmOQ0GE2O4I7TLvAib5
GbGQLFs3SnIgaeMu4Tg5BGqMLjAfck4lB0j6OtH7ZAhkGJhrN835hhZTrC1fQTZ1
MmuQE/25GFv9TVZmK2SIXbhNlV14nb096+LjHnpp5Z7g8nOsyZmeetM1LGMLvXIQ
0IR8SlsKZE4=
=CKI4
-----END PGP SIGNATURE-----