You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa xorg-server

Sigurnosni nedostaci programskog paketa xorg-server

by Marina Dimic Vugec - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LDE

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-4758-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
September 04, 2020 https://www.debian.org/security/faq
– ————————————————————————-

Package : xorg-server
CVE ID : CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-14361
CVE-2020-14362
Debian Bug : 968986

Several vulnerabilities have been discovered in the X.Org X server.
Missing input sanitising in X server extensions may result in local
privilege escalation if the X server is configured to run with root
privileges. In addition an ASLR bypass was fixed.

For the stable distribution (buster), these problems have been fixed in
version 2:1.20.4-1+deb10u1.

We recommend that you upgrade your xorg-server packages.

For the detailed security status of xorg-server please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl9SjhFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SQwA//XGo/lhGS3zaQUS0Q2PKia93pLGB1+8kRs5OEtIq2FitJBYCNmoXTwNNw
rky+bOJSgo8cWP/FiiYV5282Fz8jZGEAz93melkWiF8tz1V5wZeDHS8BpDbYI3wj
dJ7KPpSWd8G4auIoXYoqfIxi1qVO45JAa7VPYl1FSG1QNDYbzcrk2AK22O5/WJq9
XZHlgZoJohhzXtqKmv+/AAHxtZSJqSTvyv6AVCGFGMnLDcM/uMlTKifsZRBNiEzZ
0klT3yHGF04oHYBvojpvCGRrbLfhV+fhjtw8a29hRcQeXDuUMWCxw5ztfRYi/bdk
/Ufn1177T8X95cEG2BBU2C0ZezxOQ6tAeQIv/3uDswsyq6Iuu0Cuk1LMVymNSphb
qy1ZELfugwOBTGub8/nKegBeioDJawM8jqMbKjnpi88s+TXYNUnz5DMLYJ8+7K9E
Oz63acYKa8GfJ7wEKtjW0swm1kI2DTX2A1d1T6mUy6padM3tOuJY8tYrZArRBFBZ
whPGDiRWy9RXToA4/a0USQy6W+VmCtW0itSWhWQ0/G9cWgLTqwVvs1eWt1f8ap5B
WlHo+aXHn8gmJGFEwd4mSk3b7YkXGvMEWp+iRx75V3WO5MoLxDk08V3QbCts27Wn
5dW0tcNZs8VRBhxTYrr68bZayZQ0SanDftvASiCO38PMQRD9bJU=
=YWoI
—–END PGP SIGNATURE—–

AutorBruno Varga
Cert idNCERT-REF-2020-09-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Marina Dimic Vugec
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libX11

Otkriven je sigurnosni nedostatak programske biblioteke libX11 za operacijski sustav openSUSE. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja. Savjetuje...

Close