[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 5800-1] xorg-server security update



Hello

thanks for all of this great info over the years

I no longer require it.

PLEASE UNSUBSCRIBE ME FROM YOUR MAILING LISTS
or send me a link to where this can be done.

Cheers
Art

> On 30 Oct 2024, at 5:36 am, Salvatore Bonaccorso <carnil@debian.org> wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> 
> - -------------------------------------------------------------------------
> Debian Security Advisory DSA-5800-1                   security@debian.org
> https://www.debian.org/security/                     Salvatore Bonaccorso
> October 29, 2024                      https://www.debian.org/security/faq
> - -------------------------------------------------------------------------
> 
> Package        : xorg-server
> CVE ID         : CVE-2024-9632
> Debian Bug     : 1086244
> 
> Jan-Niklas Sohn discovered that a heap-based buffer overflow in the
> _XkbSetCompatMap function in the X Keyboard Extension of the X.org X
> server may result in privilege escalation if the X server is running
> privileged.
> 
> For the stable distribution (bookworm), this problem has been fixed in
> version 2:21.1.7-3+deb12u8.
> 
> We recommend that you upgrade your xorg-server packages.
> 
> For the detailed security status of xorg-server please refer to its
> security tracker page at:
> https://security-tracker.debian.org/tracker/xorg-server
> 
> Further information about Debian Security Advisories, how to apply
> these updates to your system and frequently asked questions can be
> found at: https://www.debian.org/security/
> 
> Mailing list: debian-security-announce@lists.debian.org
> -----BEGIN PGP SIGNATURE-----
> 
> iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmchKQNfFIAAAAAALgAo
> aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
> NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
> z0S1og//Qc+fk1SZNKINd1d/ItoR5XQQGU4V92/kQKcfNu97F2DLcb1wUc+BZAaY
> yr1HS+ru3pY25XOKYLgR7Tx///BEXzYxKdNxLGVMXzJqU06oSYXAkUBERFW5aU0/
> ayaV+UtwaX7ADUwYpCeJbQJcudMw3YtPlkRpN1uCs/lHMHPcbsGpZt4VBpItksrs
> iRpqq40eQiPafzGBpzx40ejaJyn200s9hYNN6dieqNDQTW6MmGSI9OLfY5alze6M
> Iot3mopREg/iKJblNz7+T2mKng0TEPY2PgolcsmHjvHEKCrWmWcGKwWHKlbvfpJX
> s1522AAWS5aJeW8r6TeGbOa298caLsW4doQa/6EX4HeADQu7SjV9oXZwrUtGsCxn
> eb6oLUGhHs0FGmY/Hvfng/ouZwSj1wKWE45hMCJ1HRSlpbfCoJxQlFpNLWQziFaS
> TuzebmpPXfbrbcXb7tNgUPtLcayu09JwJWxZLYPYcFDXZe1wUz3ZQIWkKHizXkSI
> NZtQYdLMKqBp99XR65vkTORS7QWkpdaW6AY6JujoihKFzh+wRM7qKtgflHl6qTLd
> mPK8DU/qe5jCs5oqzLvQ7sZUb95JqhYaLf8ZWH6koTHLHqnMt9wOxqoEPoFfk4Lz
> TH0FizIOHO6imr6USG+ubOtlf/nd1py1achR9ihKtd+0GE0Hx8Q=
> =Y9nq
> -----END PGP SIGNATURE-----
> 


Reply to: