Source: xorg-server Version: 2:1.20.4-1+deb10u1 Severity: grave Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]> Control: found -1 2:1.20.4-1 Control: found -1 2:1.20.8-2 Control: found -1 2:1.20.9-2
Hi, The following vulnerabilities were published for xorg-server. CVE-2020-25712[0]: | Fix XkbSetDeviceInfo() and SetDeviceIndicators() heap overflows CVE-2020-14360[1]: | Check SetMap request length carefully If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2020-25712 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25712 [1] https://security-tracker.debian.org/tracker/CVE-2020-14360 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14360 [2] https://www.openwall.com/lists/oss-security/2020/12/01/3 Regards, Salvatore
