1 files changed, 11 insertions, 3 deletions

diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 6cfa612fec1b..dc322328db50 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -8529,15 +8529,22 @@ Using a handcrafted message, remote code execution seems to be possible.</p>
     <affects>
       <package>
 	<name>xorg-server</name>
-	<range><le>1.19.3</le></range>
+	<range><le>1.18.4_6,1</le></range>
+	<range><ge>1.19.0,1</ge><le>1.19.3,1</le></range>
       </package>
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">
 	<p>xorg-server developers reports:</p>
 	<blockquote cite="http://www.securityfocus.com/bid/99546">
-	  <p>In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.</p>
-	  <p>Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server.</p>
+	  <p>In the X.Org X server before 2017-06-19, a user authenticated to
+	    an X Session could crash or execute code in the context of the X
+	    Server by exploiting a stack overflow in the endianness conversion
+	    of X Events.</p>
+	  <p>Uninitialized data in endianness conversion in the XEvent handling
+	    of the X.Org X Server before 2017-06-19 allowed authenticated
+	    malicious users to access potentially privileged data from the X
+	    server.</p>
 	</blockquote>
       </body>
     </description>
@@ -8556,6 +8563,7 @@ Using a handcrafted message, remote code execution seems to be possible.</p>
     <dates>
       <discovery>2017-07-06</discovery>
       <entry>2017-10-17</entry>
+      <modified>2018-05-20</modified>
     </dates>
   </vuln>