• [SECURITY] [DSA 5380-1] xorg-server security update

    From Salvatore Bonaccorso@21:1/5 to All on Wed Mar 29 15:10:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5380-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso
    March 29, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : xorg-server
    CVE ID : CVE-2023-1393

    Jan-Niklas Sohn discovered that a user-after-free flaw in the Composite extension of the X.org X server may result in privilege escalation if
    the X server is running under the root user.

    For the stable distribution (bullseye), this problem has been fixed in
    version 2:1.20.11-1+deb11u6.

    We recommend that you upgrade your xorg-server packages.

    For the detailed security status of xorg-server please refer to its
    security tracker page at: https://security-tracker.debian.org/tracker/xorg-server

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmQkNc1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TcaA/+MDyL5ZfwUH63eGRjsDgYlfwiTKPEOG6XLjT5dmTX8nBJtt+SSP8TA2u7 Tm76IUS6chdLDTkhoEo0iEfaFMOWyCWcDcWJY9BEGxIlOu84Hbx+zzwx1sFFHytL NKRLTWHiMknT9j4mBnmgqUeXSWtyhzHBHniRpHgTFvnVMOdLCyZSg9EjWAldxVhK KluolmLF6j+KCG14OWx62lUrX5hFOW9fUPVs2FHVD02qp8/MjyLLJAGVA0GVDqC/ uXs46KWrpudUjqh4uOERY0Pa9zQ/CCZnp/VElr8kdOVWsChvs2sC63/6H/2dHyUV TPI5dEO/IDa96SKxNLQl0pHIhzPUAntJPVfu40edhXiLBrkag13y+e/ipvjk1OTD h2W0cq8GQ2Y+mNNme0CmS8xVO9V4XT1ScA1HpeDEPooOxFsepCSdWsEHDLUQOjkW uUMVRGpeE+RM4DX4roU/dfn029kzZWTx7/50XW2++8iQvLJY9G79pkMUyh/QLhQ1 XgNTU684YbUQTgeLuMJXlB9hU0YWeO20/Yq9pFAzIhT2IRELcdF7cQm2Yvfy7eHc bs3OwdyqVrZkzBwFYj6bFm2iSQVgAl3lyv4QwZel82dMEZusD2bggrwsWB8tjsY5 T8GL0HjdNpLSHQb2AwlmsdmteXkvQLiZarw74dQBLTvjpVGjP4s=
    =FUIu
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)