-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3068-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort August 04, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : xorg-server Version : 2:1.20.4-1+deb10u5 CVE ID : CVE-2022-2319 CVE-2022-2320 Jan-Niklas Sohn discovered two out of bound memory writes in X.Org Server's ProcXkbSetGeometry and ProcXkbSetDeviceInfo Xkb extensions. These issues could be exploited by an attacker to cause denial of service, privilege escalation or arbitrary code execution. For Debian 10 buster, these problems have been fixed in version 2:1.20.4-1+deb10u5. We recommend that you upgrade your xorg-server packages. For the detailed security status of xorg-server please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xorg-server Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmLr7GMACgkQnUbEiOQ2 gwJz4hAAjlIsO2Gv6hRsnaTm8LghSgp8ht4nGwF8/le7vVgWdezRfOENOJ14Djaj fVzDqqQDp9ASygRH/ENoBhodB3LcYoHfhf15uMlXFQB0b0zfc0hGn5fzm9ofhTBn GTgGgZ4BoesEBJeUzLW27mtocGSZCH5toKHKLoPoOzXlSP6UFhcI9YCRkai4RhcD A2ibSjWhh+KpnyMioAVmLzfP0IMla9b2cnQS6yDVFdANh61Rc0H0FTNzgWlnKOC1 EX1dXKzxaBHlPM1/mDd0Cj/kYXRuEZfLTrLsQUpT+Gm/4m6tqQ2AOpxNWYGcY5ua /byDj8RKgkf15tcPmj0STuGMi43nh2bWXddLUriEtezlntRvlZoaVfl2JHbMuSS4 23Q83VqxdorxVb0kasw9xNhe0YXQL2k1EBDbDq1JKVBzMZYPUtYG6k5UnAzDmrPp fgz+c6MiUwLEY/Zpx3JwfGtejq6AHkrFrXseI5ALTgXKc/HR3GUlE1+283hPk/5q zMq2UH6+jpwt0m/ihYeY5H1gc91CxRSoCsoQHocmfKp0U+K7zScpAlDCVKMAlbsQ f5C6PY+uBBJUadwaiFKqG00CeNgnX1VT/chw/6tAmlz2pkw2ieEMqdD8Fh9fF89E 3W97fcBGKj49aqEZrnXNZSgrKVttwx84z9dY8RsuzJoHUpI4Z4o= =cjJb -----END PGP SIGNATURE-----
