Univention Bugzilla – Bug 55416
xorg-server: Multiple issues (5.0)
Last modified: 2022-11-16 18:04:03 CET
New Debian xorg-server 2:1.20.4-1+deb10u6 fixes: This update addresses the following issues: 2:1.20.4-1+deb10u6 (Tue, 08 Nov 2022 13:39:13 +0100) * xkb: proof GetCountedString against request length attacks (CVE-2022-3550) * xkb: fix some possible memleaks in XkbGetKbdByName (CVE-2022-3551)
--- mirror/ftp/pool/main/x/xorg-server/xorg-server_1.20.4-1+deb10u5.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/xorg-server_1.20.4-1+deb10u6.dsc @@ -1,3 +1,8 @@ +2:1.20.4-1+deb10u6 [Tue, 08 Nov 2022 13:39:13 +0100] Emilio Pozuelo Monfort <pochu@debian.org>: + + * xkb: proof GetCountedString against request length attacks (CVE-2022-3550) + * xkb: fix some possible memleaks in XkbGetKbdByName (CVE-2022-3551) + 2:1.20.4-1+deb10u5 [Thu, 04 Aug 2022 13:57:08 +0200] Emilio Pozuelo Monfort <pochu@debian.org>: * xkb: add request length validation for XkbSetGeometry (CVE-2022-2319) <http://piuparts.knut.univention.de/5.0-2/#2068342451358329243>
OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-2] 3b6fce6587 Bug #55416: xorg-server 2:1.20.4-1+deb10u6 doc/errata/staging/xorg-server.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) [5.0-2] d9b15d6ecd Bug #55416: xorg-server 2:1.20.4-1+deb10u6 doc/errata/staging/xorg-server.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x488>