Debian DSA-2679-1 : xserver-xorg-video-openchrome - several vulnerabilities
Medium Nessus Plugin ID 66563
SynopsisThe remote Debian host is missing a security-related update.
DescriptionIlja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
SolutionUpgrade the xserver-xorg-video-openchrome packages.
For the oldstable distribution (squeeze), this problem has been fixed in version 1:0.2.904+svn842-2+squeeze1.
For the stable distribution (wheezy), this problem has been fixed in version 1:0.2.906-2+deb7u1.