ALT-BU-2022-4242-1
Branch p10 update bulletin.
Closed bugs
показывает чёрный экран
Package xorg-server updated to version 1.20.14-alt2 for branch p10 in task 295526.
Closed vulnerabilities
BDU:2022-00346
Уязвимость функции SProcXFixesCreatePointerBarrier реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2022-00347
Уязвимость функции SProcXFixesCreatePointerBarrier реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2022-00348
Уязвимость функции SProcRenderCompositeGlyphs реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2022-00349
Уязвимость функции SwapCreateRegister реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2021-4008
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- [debian-lts-announce] 20211229 [SECURITY] [DLA 2869-1] xorg-server security update
- [debian-lts-announce] 20211229 [SECURITY] [DLA 2869-1] xorg-server security update
- FEDORA-2021-69e96c8f68
- FEDORA-2021-69e96c8f68
- FEDORA-2021-664a6554a1
- FEDORA-2021-664a6554a1
- FEDORA-2021-2eb603951b
- FEDORA-2021-2eb603951b
- FEDORA-2021-a7fd510294
- FEDORA-2021-a7fd510294
- https://lists.x.org/archives/xorg-announce/2021-December/003122.html
- https://lists.x.org/archives/xorg-announce/2021-December/003122.html
- https://lists.x.org/archives/xorg-announce/2021-December/003124.html
- https://lists.x.org/archives/xorg-announce/2021-December/003124.html
- GLSA-202305-30
- GLSA-202305-30
- https://security.netapp.com/advisory/ntap-20220114-0004/
- https://security.netapp.com/advisory/ntap-20220114-0004/
- DSA-5027
- DSA-5027
- https://www.zerodayinitiative.com/advisories/ZDI-21-1547/
- https://www.zerodayinitiative.com/advisories/ZDI-21-1547/
Modified: 2024-11-21
CVE-2021-4009
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- [debian-lts-announce] 20211229 [SECURITY] [DLA 2869-1] xorg-server security update
- [debian-lts-announce] 20211229 [SECURITY] [DLA 2869-1] xorg-server security update
- FEDORA-2021-69e96c8f68
- FEDORA-2021-69e96c8f68
- FEDORA-2021-664a6554a1
- FEDORA-2021-664a6554a1
- FEDORA-2021-2eb603951b
- FEDORA-2021-2eb603951b
- FEDORA-2021-a7fd510294
- FEDORA-2021-a7fd510294
- https://lists.x.org/archives/xorg-announce/2021-December/003122.html
- https://lists.x.org/archives/xorg-announce/2021-December/003122.html
- https://lists.x.org/archives/xorg-announce/2021-December/003124.html
- https://lists.x.org/archives/xorg-announce/2021-December/003124.html
- GLSA-202305-30
- GLSA-202305-30
- https://security.netapp.com/advisory/ntap-20220114-0004/
- https://security.netapp.com/advisory/ntap-20220114-0004/
- DSA-5027
- DSA-5027
- https://www.zerodayinitiative.com/advisories/ZDI-21-1548/
- https://www.zerodayinitiative.com/advisories/ZDI-21-1548/
Modified: 2024-11-21
CVE-2021-4010
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- FEDORA-2021-69e96c8f68
- FEDORA-2021-69e96c8f68
- FEDORA-2021-664a6554a1
- FEDORA-2021-664a6554a1
- FEDORA-2021-2eb603951b
- FEDORA-2021-2eb603951b
- FEDORA-2021-a7fd510294
- FEDORA-2021-a7fd510294
- https://lists.x.org/archives/xorg-announce/2021-December/003122.html
- https://lists.x.org/archives/xorg-announce/2021-December/003122.html
- https://lists.x.org/archives/xorg-announce/2021-December/003124.html
- https://lists.x.org/archives/xorg-announce/2021-December/003124.html
- GLSA-202305-30
- GLSA-202305-30
- https://security.netapp.com/advisory/ntap-20220114-0004/
- https://security.netapp.com/advisory/ntap-20220114-0004/
- DSA-5027
- DSA-5027
- https://www.zerodayinitiative.com/advisories/ZDI-21-1549/
- https://www.zerodayinitiative.com/advisories/ZDI-21-1549/
Modified: 2024-11-21
CVE-2021-4011
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- [debian-lts-announce] 20211229 [SECURITY] [DLA 2869-1] xorg-server security update
- [debian-lts-announce] 20211229 [SECURITY] [DLA 2869-1] xorg-server security update
- FEDORA-2021-69e96c8f68
- FEDORA-2021-69e96c8f68
- FEDORA-2021-664a6554a1
- FEDORA-2021-664a6554a1
- FEDORA-2021-2eb603951b
- FEDORA-2021-2eb603951b
- FEDORA-2021-a7fd510294
- FEDORA-2021-a7fd510294
- https://lists.x.org/archives/xorg-announce/2021-December/003122.html
- https://lists.x.org/archives/xorg-announce/2021-December/003122.html
- https://lists.x.org/archives/xorg-announce/2021-December/003124.html
- https://lists.x.org/archives/xorg-announce/2021-December/003124.html
- GLSA-202305-30
- GLSA-202305-30
- https://security.netapp.com/advisory/ntap-20220114-0004/
- https://security.netapp.com/advisory/ntap-20220114-0004/
- DSA-5027
- DSA-5027
- https://www.zerodayinitiative.com/advisories/ZDI-21-1550/
- https://www.zerodayinitiative.com/advisories/ZDI-21-1550/
Package xorg-xwayland updated to version 22.1.0-alt1 for branch p10 in task 295526.
Closed vulnerabilities
BDU:2023-02146
Уязвимость программного пакета X.Org Server, связанная с использованием памяти после ее освобождения, позволяющая нарушителю повысить свои привилегии
Modified: 2024-11-21
CVE-2023-1393
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110
- FEDORA-2023-b7835960ac
- FEDORA-2023-b7835960ac
- FEDORA-2023-eb3c27ff25
- FEDORA-2023-eb3c27ff25
- FEDORA-2023-66d5af0278
- FEDORA-2023-66d5af0278
- FEDORA-2023-fe18ae3e85
- FEDORA-2023-fe18ae3e85
- FEDORA-2023-239bae4b57
- FEDORA-2023-239bae4b57
- FEDORA-2023-f754e7abfd
- FEDORA-2023-f754e7abfd
- FEDORA-2023-b87fd3a628
- FEDORA-2023-b87fd3a628
- FEDORA-2023-6f3f9ee721
- FEDORA-2023-6f3f9ee721
- GLSA-202305-30
- GLSA-202305-30
- https://www.openwall.com/lists/oss-security/2023/03/29/1
- https://www.openwall.com/lists/oss-security/2023/03/29/1