Univention Bugzilla – Bug 55072
xorg-server: Multiple issues (5.0)
Last modified: 2022-08-05 12:35:07 CEST
New Debian xorg-server 2:1.20.4-1+deb10u5 fixes: This update addresses the following issues: * X.Org Server ProcXkbSetGeometry out-of-bounds access (CVE-2022-2319) * out-of-bounds access in ProcXkbSetDeviceInfo request handler of the Xkb extension (CVE-2022-2320)
--- mirror/ftp/pool/main/x/xorg-server/xorg-server_1.20.4-1+deb10u4.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/xorg-server_1.20.4-1+deb10u5.dsc @@ -1,3 +1,8 @@ +2:1.20.4-1+deb10u5 [Thu, 04 Aug 2022 13:57:08 +0200] Emilio Pozuelo Monfort <pochu@debian.org>: + + * xkb: add request length validation for XkbSetGeometry (CVE-2022-2319) + * xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck (CVE-2022-2320) + 2:1.20.4-1+deb10u4 [Sat, 18 Dec 2021 10:05:36 +0100] Julien Cristau <jcristau@debian.org>: * record: Fix out of bounds access in SwapCreateRegister() [CVE-2021-4011] <http://piuparts.knut.univention.de/5.0-2/#2068342451361576818>
OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-2] 07b1cfb7b7 Bug #55072: xorg-server 2:1.20.4-1+deb10u5 doc/errata/staging/xorg-server.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) [5.0-2] e0bdc59e12 Bug #55072: xorg-server 2:1.20.4-1+deb10u5 doc/errata/staging/xorg-server.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x378>