it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Salvatore Bonaccorso <carnil AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5304-1] xorg-server security update
- Date: Tue, 20 Dec 2022 19:51:14 +0000
- Authentication-results: mail.piratenpartei.de; dkim=none; dmarc=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
- List-archive: https://lists.debian.org/msgid-search/E1p7idu-008aFQ-3w AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=62sAEdx2O9KNdbBM7OnG/dI2p6LewlzxDVAPWimqYZk=; b=dP hcoyvAmzcVO6ehqPHWlHPtund/R+tWScGiLytxU9UMdVDxNQDg8bTtOpCQzzdDjiN9ssE98c3NxZA DAmTNz0glefyjzlDPJzlG25TI/EkwhuFETn2AcL93Ox7xq0T23g/GzZW/Gkhs+/pdEuhSiYS4miMh Jh5ylw93q9mt3YGhSjLNGo3VYwHEQfjbS31N9QaAPVPeZ92sUlfN9UiZilFlRceO5azqIp2suku/J 4MCqcfKh5NrX2UnQNhPbPw9eDDWmsdtvPkL9wAzh+J66/TU74F5wvTb5RCENOHWIJecrPT7WmcNLM fRvieqra5LJ4MfRrn4EMybKyUcD+U62A==;
- Old-return-path: <carnil AT seger.debian.org>
- Priority: urgent
- Resent-date: Tue, 20 Dec 2022 19:51:37 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <XF2uxGq3U_B.A.5yB.JJhojB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5304-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 20, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : xorg-server
CVE ID : CVE-2022-4283 CVE-2022-46340 CVE-2022-46341 CVE-2022-46342
CVE-2022-46343 CVE-2022-46344
Debian Bug : 1026071
Jan-Niklas Sohn discovered several vulnerabilities in X server extensions
in the X.Org X server, which may result in privilege escalation if the X
server is running privileged.
For the stable distribution (bullseye), these problems have been fixed in
version 2:1.20.11-1+deb11u4.
We recommend that you upgrade your xorg-server packages.
For the detailed security status of xorg-server please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmOiEgFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Qysw//b3WxFj6Bvmix6MNP/D/izMHimLJrgWZthnCpgFIQxwpNrho3YexS3dkh
nfFIv6FKkFHoWvDDkURee2AROshngIgcl0/yrlouV9gaR0ZtVCI//Ku9t5hTatTd
/fC9AlIq/s9zgeslq8RzDwhcbQQtT4M0aqQbCt5V9pJGPJ5WTWp9l0D/KVkkiIfU
6CIJn1xvw6Nu/3m9BWG0VrHP83jTVJi6KhGfFAZkYhTsfw/TOfLUN5nZnQFnNvrR
+XwruR3Zy1ZA5pStWPVuuGQwi0xuhy3weiz92mGUhRsavw4SrJsL54k+gg5Su2lW
dzgiRVpjERtbLKXSQxin1nMM3LUePxnFvHwmTaC00XUL2YCLuCECl7NDMIncjJiF
+rYEEUtAvPOjIC4bvt3KUDfj3pf37/YqhEXgauqc0Gm3irAM/gkxypSszEeYaxne
7THA+DYh3fnrpZA1tGyCzS4gUPLaxsGU/cRej9ES57rKyZY9n/gdO6r6sPybgZIL
lRGOt2Unl3eIgMkrH2THLg0v/Rume5Gi4demI5GAoxOw4r500jU+X+/BZLd09pyC
lhtDUFfcaf7J/LyT/EM98M/mAp4iCq4lFuZbCxoGyip/HsaPtWb4EQw9mVzkAByM
BnwC/La8g0z0n/b/eMNM2hd7BajKH4uobmvfRicyCc5YG3CrE10=
=c8pj
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5304-1] xorg-server security update, Salvatore Bonaccorso, 20.12.2022
Archiv bereitgestellt durch MHonArc 2.6.24.