Bug 824294

Might be the security fixes for the X libs. Please go back to 12.3 original packages:

libXtst6
libXext6
libX11-6
libxcb*
libXau6

Then test with libXtst6 updated, then test with libXtst6 and libXext6 updated,
and so on. So I can see, which update broke it.

Downgrading these two, it still failed:
libXtst6
libXext6

When I downgrade libX11-6 in addition, it did not fail anymore.

So, just downgrading libX11-6 solves is.

I'm wondering whether this has been broken upstream ?!?

  http://web.archiveorange.com/archive/v/gTLYUQfbF5UuzxwOZyoE

There are two patches, which broke it in the same manner. It is sufficient to apply only one of them. Disabling both fixes the issue apparently.

1. U_0010-unvalidated-index-in-_XkbReadVirtualModMap-CVE-2013-.patch
2. U_0011-unvalidated-index-length-in-_XkbReadGetNamesReply-CV.patch

I'm going to attach both patches.

Created attachment 543669 [details]
U_0010-unvalidated-index-in-_XkbReadVirtualModMap-CVE-2013-.patch

First patch, which breaks liX11.

Created attachment 543670 [details]
U_0011-unvalidated-index-length-in-_XkbReadGetNamesReply-CV.patch

Second patch, which breaks libX11.

Created attachment 543675 [details]
U_0001-xkb-fix-off-by-one-in-_XkbReadGetNamesReply-and-_Xkb.patch

Ok. It has been silently fixed in git. Right before the latest libX11 release.

openSUSE 12.2/12.3: SR#178548
sle11: SR#27111

==> Closing as fixed.

This is an autogenerated message for OBS integration:
This bug (824294) was mentioned in
https://build.opensuse.org/request/show/178548 Maintenance /

I guess this one is fixed already:
my wife noticed broken dolphin and I tracked it down to
libX11-6-1.5.0-2.4.1 maintenance update


Thread 1 (Thread 0x7f27b8aa9780 (LWP 32295)):
[KCrash Handler]
#5  0x00007f27b82d5d25 in raise () from /lib64/libc.so.6
#6  0x00007f27b82d71a8 in abort () from /lib64/libc.so.6
#7  0x00007f27b82cec22 in __assert_fail_base () from /lib64/libc.so.6
#8  0x00007f27b82cecd2 in __assert_fail () from /lib64/libc.so.6
#9  0x00007f27b1fcfbed in _XReply () from /usr/lib64/libX11.so.6
#10 0x00007f27b2019fcf in XkbGetState () from /usr/lib64/libX11.so.6
#11 0x00007f27b5fb3c8f in ?? () from /usr/lib64/libkdeui.so.5
#12 0x00007f27b5eded31 in KModifierKeyInfo::KModifierKeyInfo(QObject*) () from /usr/lib64/libkdeui.so.5
#13 0x00007f27b868a6d0 in ?? () from /usr/lib64/libkdeinit4_dolphin.so
#14 0x00007f27b8684ca6 in ?? () from /usr/lib64/libkdeinit4_dolphin.so
#15 0x00007f27b86796bd in ?? () from /usr/lib64/libkdeinit4_dolphin.so
#16 0x00007f27b868ec44 in kdemain () from /usr/lib64/libkdeinit4_dolphin.so
#17 0x00007f27b82c2455 in __libc_start_main () from /lib64/libc.so.6
#18 0x0000000000400731 in _start ()


downgrading helped
zypper in -f libX11-6-1.5.0-2.1.2

> #9  0x00007f27b1fcfbed in _XReply () from /usr/lib64/libX11.so.6
> #10 0x00007f27b2019fcf in XkbGetState () from /usr/lib64/libX11.so.6

Sounds like the same problem, yes. But please verify, whether the installed libX11.rpm already contains the RPM changelog entry:

-------------------------------------------------------------------
Tue Jun 11 14:00:06 UTC 2013 - sndirsch@suse.com

- U_0001-xkb-fix-off-by-one-in-_XkbReadGetNamesReply-and-_Xkb.patch
  * fixes breakage of CVE-2013-1997 
    (bnc#824294, bnc#821664, bnc#815451)

If it does, we, i.e. me, have an issue. ;-)

that change was indeed missing. 
Maintenance request only got accepted 1h ago
and even though it is marked as built and published,
it is not actually in http://download.opensuse.org/update/12.2-test/x86_64/ yet

The new packages are now available in the test repository.

libX11-6-1.5.0-2.7.1.x86_64.rpm 12-Jun-2013 12:15

Thanks Stefan, the updated packages looks fine for me.

Update released for: xorg-x11, xorg-x11-Xnest, xorg-x11-Xprt, xorg-x11-Xvfb, xorg-x11-Xvnc, xorg-x11-debuginfo, xorg-x11-devel, xorg-x11-devel-32bit, xorg-x11-devel-64bit, xorg-x11-doc, xorg-x11-driver-options, xorg-x11-fonts-100dpi, xorg-x11-fonts-75dpi, xorg-x11-fonts-cyrillic, xorg-x11-fonts-scalable, xorg-x11-fonts-syriac, xorg-x11-libs, xorg-x11-libs-32bit, xorg-x11-libs-64bit, xorg-x11-libs-x86, xorg-x11-man, xorg-x11-sdk, xorg-x11-server, xorg-x11-server-glx
Products:
SLE-DEBUGINFO 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-DESKTOP 10-SP4 (i386, x86_64)
SLE-SDK 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP4 (i386, ia64, ppc, s390x, x86_64)

Update released for: xorg-x11, xorg-x11-Xnest, xorg-x11-Xprt, xorg-x11-Xvfb, xorg-x11-Xvnc, xorg-x11-debuginfo, xorg-x11-devel, xorg-x11-devel-32bit, xorg-x11-doc, xorg-x11-driver-options, xorg-x11-fonts-100dpi, xorg-x11-fonts-75dpi, xorg-x11-fonts-cyrillic, xorg-x11-fonts-scalable, xorg-x11-fonts-syriac, xorg-x11-libs, xorg-x11-libs-32bit, xorg-x11-man, xorg-x11-sdk, xorg-x11-server, xorg-x11-server-glx
Products:
SLE-SERVER 10-SP3-TERADATA (x86_64)

Update released for: XFree86, XFree86-Mesa, XFree86-Mesa-devel, XFree86-Xnest, XFree86-Xprt, XFree86-Xvfb, XFree86-Xvnc, XFree86-devel, XFree86-doc, XFree86-driver-options, XFree86-fonts-100dpi, XFree86-fonts-75dpi, XFree86-fonts-cyrillic, XFree86-fonts-scalable, XFree86-fonts-syriac, XFree86-libs, XFree86-man, XFree86-server, XFree86-server-glx, km_drm
Products:
SUSE-CORE 9-SP3-TERADATA (x86_64)

Update released for: xorg-x11-libX11, xorg-x11-libX11-32bit, xorg-x11-libX11-debuginfo, xorg-x11-libX11-debuginfo-32bit, xorg-x11-libX11-debuginfo-x86, xorg-x11-libX11-debugsource, xorg-x11-libX11-devel, xorg-x11-libX11-devel-32bit, xorg-x11-libX11-x86
Products:
SLE-DEBUGINFO 11-SP1 (i386, s390x, x86_64)
SLE-SERVER 11-SP1-LTSS (i386, s390x, x86_64)

SUSE-SU-2014:0893-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 815451,821664,824294
CVE References: CVE-2013-1981,CVE-2013-1997,CVE-2013-2004
Sources used:
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    xorg-x11-libX11-7.4-5.11.11.7