Hi, On Thu, Jan 31, 2013 at 12:10:16AM +0100, Luciano Bello wrote: > Package: xserver-xorg-video-qxl > Severity: grave > Tags: security patch > Justification: user security hole > > Hi there, > Take a look to http://seclists.org/oss-sec/2013/q1/204 > Please, use CVE-2013-0241 to refer this issue. > The Debian package in unstable looks affected. Can you check if the stable > or > testings are affected too? > > Cheers, > luciano Would you like to check xserver-xorg-video-qxl 0.0.17 is affected?
According to http://seclists.org/oss-sec/2013/q1/204, this bug is fixed in commit 30b4b72cdbdf9f0e92a8d1c4e01779f60f15a741, which is included in 0.0.17. I'm backport this patch to 0.0.12, I'll let you know when it is ready. Thanks and Regards, -- Liang Guo http://bluestone.cublog.cn
signature.asc
Description: Digital signature
