Univention Bugzilla – Bug 53325
libx11: Multiple issues (4.4)
Last modified: 2021-05-26 15:34:05 CEST
New Debian libx11 2:1.6.4-3+deb9u4 fixes: This update addresses the following issue: * missing request length checks (CVE-2021-31535)
--- mirror/ftp/4.4/unmaintained/4.4-6/source/libx11_1.6.4-3+deb9u3.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/libx11_1.6.4-3+deb9u4.dsc @@ -1,3 +1,8 @@ +2:1.6.4-3+deb9u4 [Fri, 21 May 2021 09:45:01 +0200] Emilio Pozuelo Monfort <pochu@debian.org>: + + * CVE-2021-31535: X protocol command injection due to missing request + length checks (closes: #988737) + 2:1.6.4-3+deb9u3 [Tue, 01 Sep 2020 09:41:40 +0200] Emilio Pozuelo Monfort <pochu@debian.org>: * Fix a regression introduced by the CVE-2020-14344 fixes which prevented <http://piuparts.knut.univention.de/4.4-8/#7322076518627694853>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-8] ef77905b72 Bug #53325: libx11 2:1.6.4-3+deb9u4 doc/errata/staging/libx11.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x981>