-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-5380-1
security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso
March 29, 2023
https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : xorg-server
CVE ID : CVE-2023-1393
Jan-Niklas Sohn discovered that a user-after-free flaw in the Composite extension of the X.org X server may result in privilege escalation if
the X server is running under the root user.
For the stable distribution (bullseye), this problem has been fixed in
version 2:1.20.11-1+deb11u6.
We recommend that you upgrade your xorg-server packages.
For the detailed security status of xorg-server please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:
https://www.debian.org/security/
Mailing list:
debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmQkNc1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TcaA/+MDyL5ZfwUH63eGRjsDgYlfwiTKPEOG6XLjT5dmTX8nBJtt+SSP8TA2u7 Tm76IUS6chdLDTkhoEo0iEfaFMOWyCWcDcWJY9BEGxIlOu84Hbx+zzwx1sFFHytL NKRLTWHiMknT9j4mBnmgqUeXSWtyhzHBHniRpHgTFvnVMOdLCyZSg9EjWAldxVhK KluolmLF6j+KCG14OWx62lUrX5hFOW9fUPVs2FHVD02qp8/MjyLLJAGVA0GVDqC/ uXs46KWrpudUjqh4uOERY0Pa9zQ/CCZnp/VElr8kdOVWsChvs2sC63/6H/2dHyUV TPI5dEO/IDa96SKxNLQl0pHIhzPUAntJPVfu40edhXiLBrkag13y+e/ipvjk1OTD h2W0cq8GQ2Y+mNNme0CmS8xVO9V4XT1ScA1HpeDEPooOxFsepCSdWsEHDLUQOjkW uUMVRGpeE+RM4DX4roU/dfn029kzZWTx7/50XW2++8iQvLJY9G79pkMUyh/QLhQ1 XgNTU684YbUQTgeLuMJXlB9hU0YWeO20/Yq9pFAzIhT2IRELcdF7cQm2Yvfy7eHc bs3OwdyqVrZkzBwFYj6bFm2iSQVgAl3lyv4QwZel82dMEZusD2bggrwsWB8tjsY5 T8GL0HjdNpLSHQb2AwlmsdmteXkvQLiZarw74dQBLTvjpVGjP4s=
=FUIu
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)