it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5517-1] libx11 security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5517-1] libx11 security update
Date: Thu, 5 Oct 2023 18:18:00 +0000
Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
List-archive: https://lists.debian.org/msgid-search/ZR792LUUTq2xRj/m AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=oYUUu7kYW+3betnOi6B+yJhFFmHNh583ZazKY+caX8o=; b=QL 6AsIK8RMmHQGkNFGDjaHNV0zVaM6BNRZyOCjnzdhM5PwsAAmRVnovW/dZUBFySefb0N9/YROD+BV8 pveT8KPdgXZsWeZbUp+iUmKtQ13OsMi1PN8zDUZ9ZgaEZckBdLUfgBa4hhRFc/N4a+Vgo8F3IUuIG yq2tHL4OqfV0KhHuwsM7G0pB24WasdElklqrkVCjUbHop7OJXL11lcDBrloPt6+gwiMHn2cW+F3wO pp0ZqUvg/EHq5xzv8TRGPrvrL6VeG91LdpjP/NJMtqDww1Wqnv+LI5sLW5Avv57yVra46puZG0qut dgu3wYySL6rYtAboIrx4XTL/HGu5te/A==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Thu, 5 Oct 2023 18:18:28 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <4vR0LecM5WH.A.T5H.z3vHlB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5517-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
October 05, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : libx11
CVE ID : CVE-2023-43785 CVE-2023-43786 CVE-2023-43787

Multiple security vulnerabilities were discovered in libx11, the X11
client-side library, which may result in denial of service or the
execution of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed
in version 2:1.7.2-1+deb11u2.

For the stable distribution (bookworm), these problems have been fixed in
version 2:1.8.4-2+deb12u2.

We recommend that you upgrade your libx11 packages.

For the detailed security status of libx11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libx11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmUe/SEACgkQEMKTtsN8
TjYVyw//XICOLb5ZAfQBjWuhJvJkM7SN1pjd2Iulvqz2sNgAzSninvda2n6458BB
41fs6J5dIkCIGVWJ2/4hwBXuMMc4HO7KTTs+BW9WGBJOwd7ZpwTpvxe07M+kOPt2
iqebM5dd5QO+ifh6AHTZ3amPliKfCCUcItYN1aMpolB5N/LJBdMa8j/ebU11pu5T
GLreIskc+k4/lrJ/22Nr5SsGj0xTnXYrvBPcB6CX+aX7J1uWLyu6ZP5mBzmgjA+F
I9SH5XGzQ3l2F29tp/xJUg9lwYp7Ij+vpNP/DWLo+QC2F5Q6II0ZG9wlEA1KiYR9
l2rf7OVhtBWkaUZoVTyaSX+isj0i1BCZgyic84y/vlfVODuwAMY6K7ggZS9J+Hmd
YUvBLk8YTXFTfPZeQzglEw7U9Ia6fkV9dKeOHCrFlLelTz2umBmGfIT/WdOwSk5q
czheJsayd9VhcxOExDoqRmhOhdslI5R0p2VMcr5N5qLzPaPnvhTWw3XeirlfKu1+
SeMVGbdXF3+iWIbPtXuqOUBOmxu48HfZ/6/WyondTGN9qpTPdUgdYpHeVielziT8
WYo4q88zyaDMYIEj3Jpo+/9QHD+c60VBjumebW8F3Shat/Xq0qOWHWI4u3J5ZOXN
XJTfVGEGgtWxancMQeQxu4oejxyO8zAVbo47uDs3juuUw3kJ58Y=
=YNpi
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5517-1] libx11 security update, Moritz Muehlenhoff, 05.10.2023

Archiv bereitgestellt durch MHonArc 2.6.24.