openSUSE Security Update : xorg-x11-server (openSUSE-2017-710)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for xorg-x11-server fixes the following security issues :

- CVE-2017-2624: Prevent timing attack against MIT cookie.
(boo#1025029)

- Use arc4random to generate cookies with more randomness.
(boo#1025084)

- Remove unused function with use-after-free issue.
(boo#1025035)

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1025029
https://bugzilla.opensuse.org/show_bug.cgi?id=1025035
https://bugzilla.opensuse.org/show_bug.cgi?id=1025084

Solution :

Update the affected xorg-x11-server packages.

Risk factor :

Medium

Family: SuSE Local Security Checks

Nessus Plugin ID: 100883 ()

Bugtraq ID:

CVE ID: CVE-2017-2624

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now