[SECURITY] [DLA 3686-1] xorg-server security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3686-1] xorg-server security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Wed, 13 Dec 2023 08:05:16 +0000 (UTC)
Message-id: <[🔎] alpine.DEB.2.21.2312130804110.21778@postfach.intern.alteholz.me>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3686-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
December 13, 2023                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : xorg-server
Version        : 2:1.20.4-1+deb10u11
CVE ID         : CVE-2023-6377 CVE-2023-6478


Jan-Niklas Sohn discovered several vulnerabilities in the Xorg X server,
which may result in privilege escalation if the X server is running
privileged.


For Debian 10 buster, these problems have been fixed in version
2:1.20.4-1+deb10u11.

We recommend that you upgrade your xorg-server packages.

For the detailed security status of xorg-server please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmV5ZbxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEfHBQ//VHHh0wLxDoqdayIAzpkEYW5kz6Ry4aGzV7rzlTleqIHlwlgSaCiilS91
BDROx5rjXEoXYRqn6SCv8J4paHhdlYaHT1WGvGZkfOuYPnIysQiAO3oGV8cJ0gxl
9KjN084/Lhfr7DvqMHeUPm4O0OXOnoenDr7euiK087NERhsYAzpFAnP1d6gl6yA5
JAKMt9I5EMLZLB7bqyYQUukYVw5UjpDpSA3dy0RYTOi+JP+1NBlGFGTvf4FPpPJT
jZ/VfAvrU8CRAXXvoFcX4T9KTr1tSch44OhZBYLDx1d53FhoscEqtQtfRjFWZApw
AKrWS4WRaV6dynzU1mjlyE5yGqBYEfL3yJ5KA8oaD+0D8CJtraDGTakLkpLRnv31
rw3946zyp52YlTW2crh1u2GV9mnlI2CVyJQy6lBZR07jnvlRwAHWCJ3US8t7H+A6
24n0YELH0O65ac7tnjVzdmvFJJuUmtI+wxSgKarl5twC2Fwpq6roL3fBSz845ZB1
o0sx4lAgcb3J+fzFlvyh2yEGm6M/horjRshUg+iU7+PkwlGcFv2y/4BlJZ9wj7Da
YZ7s42id19LUSxFCC1El0EtSVOtPRmm3cF7BvOoKfHgkdrS8HCGpUKGgP4+T7Sbs
gEvdbXHhuthpNs8uie73zfJAfievnpbrogkNAqN32msikOdxaEk=
=Lz2B
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3685-1] debian-security-support security update
Next by Date: [SECURITY] [DLA 3687-1] rabbitmq-server security update
Previous by thread: [SECURITY] [DLA 3685-1] debian-security-support security update
Next by thread: [SECURITY] [DLA 3687-1] rabbitmq-server security update
Index(es):
- Date
- Thread