| CVE Group | X.org 6.9 Patch | X.org 7.1+ patch | Status | Mitigated by "-nolisten tcp" | Notes |
| --- | --- | --- | --- | --- | --- |
| CVE-2006-0745 | http://xorg.freedesktop.org/releases/X11R6.9.0/patches/x11r6.9.0-geteuid.diff | | already applied by NoMachine | N/A | |
| CVE-2006-1526 | http://xorg.freedesktop.org/releases/X11R6.9.0/patches/x11r6.9.0-mitri.diff | | already applied by NoMachine | N/A | |
| CVE-2006-3739 CVE-2006-3740 | http://xorg.freedesktop.org/releases/X11R6.9.0/patches/x11r6.9.0-cidfonts.diff | | already applied by NoMachine | N/A | |
| CVE-2006-6101 CVE-2006-6102 CVE-2006-6103 | http://xorg.freedesktop.org/releases/X11R6.9.0/patches/x11r6.9.0-dbe-render.diff | | already applied by NoMachine | N/A | |
| http://lists.freedesktop.org/archives/xorg-announce/2006-June/000100.html | http://xorg.freedesktop.org/releases/X11R6.9.0/patches/x11r6.9.0-setuid.diff | | Mostly applied by NoMachine | N/A | programs/Xserver/hw/xfree86/parser/write.c is unpatched. However, it is removed in the nx-libs 3.6.0.x branch because it was never used. |
| CVE-2007-1003 CVE-2007-1351 CVE-2007-1352 CVE-2007-1352 | | http://xorg.freedesktop.org/archive/X11R7.2/patches/ (3 2007-04-03 patches) | already applied by NoMachine | N/A | |
| CVE-2007-4568 | | http://xorg.freedesktop.org/archive/X11R7.3/patches/xorg-xfs-1.0.4-query.diff | xfs already removed by NoMachine | N/A | |
| CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006 | | http://xorg.freedesktop.org/archive/X11R7.2/patches/ (2 2008-01 patches) | already applied by NoMachine | N/A | |
| CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362 | | http://xorg.freedesktop.org/archive/X11R7.3/patches/ (5 2008-06-11 patches) | already applied by NoMachine | N/A | |
| CVE-2011-0465 | | http://cgit.freedesktop.org/xorg/app/xrdb/patch/?id=1027d5df07398c1507fb1fe3a9981aa6b4bc3a56 | xrdb already removed by NoMachine | N/A | |
| CVE-2011-2895 | | http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0 | vulnerable code present, fixed on mike#2 local git | Yes | patch applies successfully with only an offset of 2 |
| CVE-2011-4028 | | http://cgit.freedesktop.org/xorg/xserver/commit/?id=6ba44b91e37622ef8c146d8f2ac92d708a18ed34 | vulnerable code present, fixed on mike#2 local git | N/A | patch applies successfully with only an offset of 162. This only affects local connections as mentioned here: http://www.cvedetails.com/cve/CVE-2011-4028 |
| CVE-2011-4029 | | http://cgit.freedesktop.org/xorg/xserver/commit/?id=b67581cf825940fdf52bf2e0af4330e695d724a4 | Not Affected | N/A | The email advisory says that only XServer 1.4 and later are affected. And the code clearly differs. |
| CVE-2012-0064 | | xkeyboard-config 2.5 (separate package) | N/A | N/A | Difficult to summarize. Read the entire email advisory. |
| CVE-2013-1940 | | N/A | Not Affected | N/A | The blog advisory states that this only affects VT switching on Linux. So that clearly sounds like it does not apply to NX. |
| CVE-2013-1981..2005, CVE-2013-2062..2066 | | http://wiki.x.org/wiki/Development/Security/Advisory-2013-05-23/ | vulnerable code present, fixed on mike#2 local git | N/A | Only affects X11 clients. |
| CVE-2013-4396 | | http://lists.x.org/archives/xorg-announce/2013-October/002332.html | vulnerable code present, fixed on mike#2 local git | Yes | I manually edited in the changes due to whitespace diffs. |
| CVE-2013-6462 | | http://lists.x.org/archives/xorg-announce/2014-January/002389.html | vulnerable code present, fixed on mike#2 local git | Yes | |
| CVE-2014-0209 | | http://cgit.freedesktop.org/xorg/lib/libXfont/log/ | vulnerable code present, fixed on mike#2 local git | N/A | unlike CVE-2014-0210 CVE-2014-0211, this can only be triggered by local X11 clients, not by font servers |
| CVE-2014-0210 CVE-2014-0211 | | http://cgit.freedesktop.org/xorg/lib/libXfont/log/ | vulnerable code present, fixed on mike#2 local git | No | malicious remote font servers can exploit these |
| CVE-2014-8091 | | ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/os/SRPMS/xorg-x11-server-1.1.1-48.107.el5_11.src.rpm | vulnerable code present, fixed on mike#2 local git | Yes | "-nolisten TCP" is especially important because it can be triggered by an unauthenticated client |
| CVE-2014-8092, CVE-2014-8093 | | ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/os/SRPMS/xorg-x11-server-1.1.1-48.107.el5_11.src.rpm | vulnerable code present, fixed on mike#2 local git | Yes | |
| CVE-2014-8094 | | N/A | Not Affected | N/A | X.org: "Introduced in xorg-server-1.7.0 (2009)." |
| CVE-2014-8095..CVE-2014-8097 | | ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/os/SRPMS/xorg-x11-server-1.1.1-48.107.el5_11.src.rpm | vulnerable code present, fixed on mike#2 local git | Yes | |
| CVE-2014-8098 | | ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/os/SRPMS/xorg-x11-server-1.1.1-48.107.el5_11.src.rpm | vulnerable code present, fixed on mike#2 local git | Yes | It is very likely that I made a mistake. The differences vs RHEL5 xorg-server 1.1.1 are large. |
| CVE-2014-8099, CVE-2014-8100 | | ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/os/SRPMS/xorg-x11-server-1.1.1-48.107.el5_11.src.rpm | vulnerable code present, fixed on mike#2 local git | Yes | |
| CVE-2014-8101 | | ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/os/SRPMS/xorg-x11-server-1.1.1-48.107.el5_11.src.rpm | vulnerable code present, fixed on mike#2 local git | Yes | This needs extra attention because NoMachine backported randr 1.1 in nx-libs 3.5.0 |
| CVE-2014-8102 | | ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/os/SRPMS/xorg-x11-server-1.1.1-48.107.el5_11.src.rpm | vulnerable code present, fixed on mike#2 local git | Yes | |
| CVE-2014-8103 | | N/A | Not Affected | N/A | X.org: "Introduced in xorg-server-1.15.0 (2013)." |