it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Salvatore Bonaccorso <carnil AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5027-1] xorg-server security update
- Date: Tue, 21 Dec 2021 20:01:06 +0000
- List-archive: https://lists.debian.org/msgid-search/E1mzlJq-0001aZ-OS AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version :Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=eHgkDBsTtc5G0TFeaUj8ZZVkhkSnF6qFoUL+UYKLr9w=; b=AW ZYE6TGDmEDkN8OozhbroP5zOvU7Mcx4IpII1PMqaomoeCjADzhVaWiH5397XAaZ21skWpdXcORIC3 bcVwDCUymaxi9icVuC2jyDNSpt3qNV7nYHYf08o7L0NVTy4+cfbjMcTQZXX72Bk+GYGzS7CYwNo/Y UMjvJs5e83u9V1EwAJ4Yu98h3/e5bCZyHWnp8uE3NLC/+PRZMdpfnsDib3XrxYP+0vek9PmwnkwT0 KI7mlhULoiTcELIM9Z86JTEzKf5IVqXnSMs+Dt5Uh0MG+XTnHrG30Gktwq6cHYuoFR210nvyWSYpy eWEzvTiKL+UHiG1cJAkEIaBXKaSCjFCg==;
- Old-return-path: <carnil AT seger.debian.org>
- Priority: urgent
- Resent-date: Tue, 21 Dec 2021 20:01:27 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <B0-ijqHd-zK.A.WDG.WKjwhB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5027-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 21, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : xorg-server
CVE ID : CVE-2021-4008 CVE-2021-4009 CVE-2021-4010 CVE-2021-4011
Jan-Niklas Sohn discovered that multiple input validation failures in X
server extensions of the X.org X server may result in privilege
escalation if the X server is running privileged.
For the oldstable distribution (buster), these problems have been fixed
in version 2:1.20.4-1+deb10u4.
For the stable distribution (bullseye), these problems have been fixed in
version 2:1.20.11-1+deb11u1.
We recommend that you upgrade your xorg-server packages.
For the detailed security status of xorg-server please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmHCMkdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SyaQ/+IqrFtIKc28FNMS1XFM/qm2s2bCRwLCSomrlXF7gI+1ODI3fpIzrux05M
lSoZvZIDhfNZ72uRhQl5tWTSZkbvrDxiqpGjQsMbE2JnyuBoY63yXrgoJs2IgE8I
Av7doScJmisKn7QqRtd2i3lIK3i00vSfRebVHqrOcggxhHu3SQJqzJt4C8KmKUl5
8Nt3GRxftR7X2zvKv6ZhQ2ShRacoxy0FL554Q8C8L4U+fURsVxda2HP18jEp3CSt
MybSeNLhI4msD2nMarV4kF3TyTDjy9NeLCr937Ab1SegYP1ecnkPhLa2uayXFUWZ
bAFMDWL7DZ/seNHD/vFpFnkksMysK4VbtgV7o6HCScv1D6NB5YG7axxePuE2YFY2
XHf3HnyPV7UQ0/lqEcGDfilgpujvEVajFMELA2Fc5RUnB5a3Yk8z0zkEGJmCCwVV
Bi5U1dzR0vfastfdl8AIANtgLAPWNhI1TnUwGN92KVJ1Q/gUNiK706muqVk57mm1
vxkacIRIlCTr4cwytzOxbZ2NdDDCjPXrZhiUIVWPLd9D3K0P3/GDsWymdAEnXkTr
RbOkZytzi0PjKjAW8qt22E7K0e6UTPrHi2RjrirLFdnRU7/R4gOK6xlxlJZZv5o4
/KU7fRjnAnUX0swN+NODzZrZwCHPZfm9DWKEr1xsH4NGi1nEbO0=
=M+0O
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5027-1] xorg-server security update, Salvatore Bonaccorso, 21.12.2021
Archiv bereitgestellt durch MHonArc 2.6.24.