it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5534-1] xorg-server security update

From: Salvatore Bonaccorso <carnil AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5534-1] xorg-server security update
Date: Wed, 25 Oct 2023 14:45:31 +0000
Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
List-archive: https://lists.debian.org/msgid-search/E1qvf8V-00DzA6-6K AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=vdMUlIY6RJpJU4AZDanIJXQfDz8GMhtsScNO0woylBA=; b=Q4 SJjm9HnDLTMxw5AjQr30dJwAa3bh9lVGisaU6ThuWt4mBIWi7Qa9uZ2Fyqrn/FFPlSi71tZ3ZeXem WpAvMHAEkydCHZUK41sA5Faxbu+QLEsUQ/tjWjHDldJDR0SSBnACLbSkyjG4XVIwynVtDBg/lVJdl tqTksFFlJrELMq+eNQ6pCzBe9bxOt9HwH5UwC/4L3l0jIEv1+tyVcR+riI3Xjqb/WnVTcs/GVf1Af N6Q7+jmIBgR1nR/J6nsGPWe6CoGaUUp4pvAGI8Ncn4njbhpR+7hV97OrUofNt/LGGGFJQKMOpcFrd jkMD7Lobh0wC4aEDL98lNGUn7bRKQWAA==;
Old-return-path: <carnil AT seger.debian.org>
Priority: urgent
Resent-date: Wed, 25 Oct 2023 14:45:55 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <6VFsFIN52FC.A.WwH.joSOlB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5534-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
October 25, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : xorg-server
CVE ID : CVE-2023-5367 CVE-2023-5380

Jan-Niklas Sohn discovered several vulnerabilities in the Xorg X server,
which may result in privilege escalation if the X server is running
privileged.

For the oldstable distribution (bullseye), these problems have been fixed
in version 2:1.20.11-1+deb11u8.

For the stable distribution (bookworm), these problems have been fixed in
version 2:21.1.7-3+deb12u2.

We recommend that you upgrade your xorg-server packages.

For the detailed security status of xorg-server please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmU5Ka5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0QyCQ/+I9BqRAzJ78GD6U4eSHq/BIp8eelKlubxCbrRhLAL6bD5RT3WnqpKTvvN
wW1BU6Cety4OW9NiWzOwfXPkujHs2JAow5pxmdOld7r616dS5pKNcJKM/mi+KQCb
QKQw/KNo2bgy/exJaGM1GjzaAO2jhypH/KHM1qcVziNM75NO2puMu26cqlWZf6vi
ALa6RYVQ8MiQqx0jZVjbr2W8L3vs05aB/+mNwucDBFmGeNjTCjQ4AFmSfjkOyZtk
nUUOtCwA7dSh8bv62knLrSbh+heV+y+gsK0eQb2akyJLG5iE7CITqn1fU4DrPlFp
RxeuYeXczJOPj82ET/+rKvQVUN6OmuDk6yKlpSWajYPTCVgNhzDaLRen05CqXiT1
wprIXezkCzMP6MPg1NAwPMk+VWXHz6fb48612prZBgkUetSF8wvTeZ9+lTG5Avi1
2rcY0EFtKjUVT6uP2ZJGXYs81OM5PGFqkvttcGFHLWNjQe3Hm8upUpcNgbBeNKwR
HYLdkMkjrZVbAWKcbaH68ahhd6gvNWEeZFGo/3ZWcdWF73j0zWOYYKkM3bHqBNkb
YiNdVtwvt4/d/haOXZ26AJOnq8rdOhfNw+nJm/YqEs7C2R4VmTzQrWRUE4qRCkmr
5RfymT7sAZUB3RcNflxyw9TTO55/LHILIuEQN4IncByzBd5qly8=
=pBIG
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5534-1] xorg-server security update, Salvatore Bonaccorso, 25.10.2023

Archiv bereitgestellt durch MHonArc 2.6.24.