SuSE 11.1 Security Update : Xorg (SAT Patch Number 5294)

High Nessus Plugin ID 57139


The remote SuSE 11 host is missing one or more security updates.


This update for xorg-x11-server and xorg-x11-libs brings improved compatibility fixes and enhancements for The main feature is support for Multi monitor configurations with independent heads, which used to be supported with SUSE Linux Enterprise 10 (VGA Arbitration Support).

During update to Service Pack 1, the support for AppGroup Extension was removed from the X11 Server. This update fixes this regression and adds back the support. (bnc#709943)

Additionally this update fixes bugs in the AppGroup Extensions, which resulted in Xserver crashes. (bnc#716355)

It also fixes an issue with changing the mouse mode to absolute.

It also fixes an issue with button release on non-core pointing devices. (bnc#698281)

In addition to that, multiple missing or incorrect bounds checking flaws were fixed in in GLX (CVE-2010-4818) and in the X Render Extension (CVE-2010-4819) were fixed, which could be used to crash the X server.

A regression in handling TWM was fixed as well. (bnc#709987)


Apply SAT patch number 5294.

See Also

Plugin Details

Severity: High

ID: 57139

File Name: suse_11_xorg-x11-server-libs-111010.nasl

Version: $Revision: 1.3 $

Type: local

Agent: unix

Published: 2011/12/13

Modified: 2013/10/25

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 8.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:libpciaccess0, p-cpe:/a:novell:suse_linux:11:libpciaccess0-32bit, p-cpe:/a:novell:suse_linux:11:libpciaccess0-devel, p-cpe:/a:novell:suse_linux:11:xorg-x11-Xvnc, p-cpe:/a:novell:suse_linux:11:xorg-x11-devel, p-cpe:/a:novell:suse_linux:11:xorg-x11-libs, p-cpe:/a:novell:suse_linux:11:xorg-x11-libs-32bit, p-cpe:/a:novell:suse_linux:11:xorg-x11-server, p-cpe:/a:novell:suse_linux:11:xorg-x11-server-extra, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2011/10/10

Reference Information

CVE: CVE-2010-4818, CVE-2010-4819