You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa X Org X Server

Sigurnosni nedostaci programskog paketa X Org X Server

by Dona Šeruga - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4656-2
December 07, 2020

xorg-server vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in X.Org X Server.

Software Description:
– xorg-server: X.Org X11 server

Details:

USN-4656-1 fixed several vulnerabilities in X.Org. This update provides
the corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

Jan-Niklas Sohn discovered that the X.Org X Server XKB extension
incorrectly handled certain inputs. A local attacker could possibly use
this issue to escalate privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
xserver-xorg-core 2:1.15.1-0ubuntu2.11+esm3

After a standard system update you need to reboot your computer to make all
the necessary changes.

References:
https://usn.ubuntu.com/4656-2
https://usn.ubuntu.com/4656-1
CVE-2020-14360, CVE-2020-25712
—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl/OVHMACgkQRbznW4QL
H2nOuBAAvBdhNhrMmTX9WSD0P1pw/nrHCpba5+Me+74TnfCUPQWN0OJPLQNlXfGt
Qfi4+fU0QvveE5Drmkbvxt1hFDbhXLcNABkQhjDmZ7W4402FWSpCu3mJlUzSmQ+z
i/DbvvxThESDIyIRVgUyEVH28ZMSxQdon7rEwQHKUQx1yH/6CAxfyaeAaYHd1B4W
700TShVGLglBOAAB2a6lwF4lX87Yjv3/YQjFNBTbzfdGp0AGueipQflPqMn5R2cu
ZTHTv/pw7YiGvK3oQ68UKsJYT6ERq9vMXC2UWc0eYRzk9vbzg1cYg5EjXOo+1/Is
beMZ5NmufDfIsVbfpAccWsvoLCHdgYAMay2KDnEEvQHVgxC2SKjpTTdhp5uTAWVG
53m0iEc66ddA83j2LRQPyk9M9Y/GYPxCGwu6QUbWWreWi3MpPxzjRXUGZIpN63vz
N2+rEuQheYB7LEcQC1TuJO0RnQDaZ1BJzZhigE5CjwHPdXtaQedeUJS5imPLI4eq
rAAC3MQpFLAOq1DvO+luX0eymZrE9DWvo9TlR9eWLGsWpE1solK7Feh5ETtjhqAr
pnAbkcD2oUhc3SX/RsdUGuFYNdaOU1CLChM4nGNFDhwCvX9gWctKTDtz03YeX+ld
NKCj0oEVwjPi2kIWNJCZOUinScDvB3NlMbidtjx4euCA7feM/EU=
=iSJT
—–END PGP SIGNATURE—–

AutorDona Šeruga
Cert idNCERT-REF-2020-12-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Dona Šeruga
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa pngcheck

Otkriven je sigurnosni nedostatak u programskom paketu pngcheck za operacijski sustav openSUSE. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja....

Close