Univention Bugzilla – Bug 57224
xorg-server: Multiple issues (5.0)
Last modified: 2024-04-24 14:56:12 CEST
New Debian xorg-server 2:1.20.4-1+deb10u14 fixes: This update addresses the following issues: 2:1.20.4-1+deb10u14 (Mon, 15 Apr 2024 14:30:14 +0300) * Non-maintainer upload by the LTS Team. * CVE-2024-31080: Heap buffer overread in ProcXIGetSelectedEvents() * CVE-2024-31081: Heap buffer overread in ProcXIPassiveGrabDevice() * CVE-2024-31083: Use-after-free in ProcRenderAddGlyphs()
--- mirror/ftp/pool/main/x/xorg-server/xorg-server_1.20.4-1+deb10u13.dsc +++ apt/ucs_5.0-0-errata5.0-7/source/xorg-server_1.20.4-1+deb10u14.dsc @@ -1,3 +1,10 @@ +2:1.20.4-1+deb10u14 [Mon, 15 Apr 2024 14:30:14 +0300] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload by the LTS Team. + * CVE-2024-31080: Heap buffer overread in ProcXIGetSelectedEvents() + * CVE-2024-31081: Heap buffer overread in ProcXIPassiveGrabDevice() + * CVE-2024-31083: Use-after-free in ProcRenderAddGlyphs() + 2:1.20.4-1+deb10u13 [Thu, 25 Jan 2024 19:20:11 +0100] Markus Koschany <apo@debian.org>: * Non-maintainer upload by the LTS team. <http://piuparts.knut.univention.de/5.0-7/#3424859388927105052>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-7] 3d6f5f86b4 Bug #57224: xorg-server 2:1.20.4-1+deb10u14 doc/errata/staging/xorg-server.yaml | 36 +++++++++++++++++++++++++++++++----- 1 file changed, 31 insertions(+), 5 deletions(-) [5.0-7] 9b666718ce Bug #57224: xorg-server 2:1.20.4-1+deb10u14 doc/errata/staging/xorg-server.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x1030>