Bug#1030777: xorg-server: CVE-2023-0494

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1030777: xorg-server: CVE-2023-0494
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 07 Feb 2023 13:41:07 +0100
Message-id: <[🔎] 167577366751.2531448.18311953856920426300.reportbug@elende.valinor.li>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 1030777@bugs.debian.org

Source: xorg-server
Version: 2:21.1.6-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Control: found -1 2:1.20.11-1+deb11u4
Control: fixed -1 2:1.20.11-1+deb11u5

Hi,

The following vulnerability was published for xorg-server.

CVE-2023-0494[0]:
| Xi: fix potential use-after-free in DeepCopyPointerClasses

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-0494
    https://www.cve.org/CVERecord?id=CVE-2023-0494
[1] https://gitlab.freedesktop.org/xorg/xserver/commit/0ba6d8c37071131a49790243cdac55392ecf71ec

Regards,
Salvatore

Reply to:

Follow-Ups:
- Processed: xorg-server: CVE-2023-0494
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Bug#1030777: marked as done (xorg-server: CVE-2023-0494)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Processed: xorg-server: CVE-2023-0494
Next by Date: [Git][xorg-team/xserver/xorg-server][debian-bullseye] Xi: fix potential use-after-free in DeepCopyPointerClasses (CVE-2023-0494)
Previous by thread: vulkan-validationlayers_1.3.239.0-1_source.changes ACCEPTED into unstable
Next by thread: Processed: xorg-server: CVE-2023-0494
Index(es):
- Date
- Thread