1. Forum
  2. Usenet
  3. LINUX.DEBIAN.PROJECT

  • Re: [SECURITY] [DSA 5800-1] xorg-server security update

    From Soren Stoutner@21:1/5 to All on Tue Oct 29 23:43:44 2024
    The unsubscribe information you are looking for is at:

    https://lists.debian.org/debian-project/

    On Tuesday, October 29, 2024 7:26:51 PM MST Arty Buckingham wrote:
    Hello

    thanks for all of this great info over the years

    I no longer require it.

    PLEASE UNSUBSCRIBE ME FROM YOUR MAILING LISTS
    or send me a link to where this can be done.

    Cheers
    Art

    On 30 Oct 2024, at 5:36 am, Salvatore Bonaccorso <carnil@debian.org>
    wrote:

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    -
    -------------------------------------------------------------------------
    Debian Security Advisory DSA-5800-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 29, 2024 https://www.debian.org/security/faq
    -
    -------------------------------------------------------------------------

    Package : xorg-server
    CVE ID : CVE-2024-9632
    Debian Bug : 1086244

    Jan-Niklas Sohn discovered that a heap-based buffer overflow in the _XkbSetCompatMap function in the X Keyboard Extension of the X.org X
    server may result in privilege escalation if the X server is running privileged.

    For the stable distribution (bookworm), this problem has been fixed in version 2:21.1.7-3+deb12u8.

    We recommend that you upgrade your xorg-server packages.

    For the detailed security status of xorg-server please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xorg-server

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmchKQNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0S1og//Qc+fk1SZNKINd1d/ItoR5XQQGU4V92/kQKcfNu97F2DLcb1wUc+BZAaY yr1HS+ru3pY25XOKYLgR7Tx///BEXzYxKdNxLGVMXzJqU06oSYXAkUBERFW5aU0/ ayaV+UtwaX7ADUwYpCeJbQJcudMw3YtPlkRpN1uCs/lHMHPcbsGpZt4VBpItksrs iRpqq40eQiPafzGBpzx40ejaJyn200s9hYNN6dieqNDQTW6MmGSI9OLfY5alze6M Iot3mopREg/iKJblNz7+T2mKng0TEPY2PgolcsmHjvHEKCrWmWcGKwWHKlbvfpJX s1522AAWS5aJeW8r6TeGbOa298caLsW4doQa/6EX4HeADQu7SjV9oXZwrUtGsCxn eb6oLUGhHs0FGmY/Hvfng/ouZwSj1wKWE45hMCJ1HRSlpbfCoJxQlFpNLWQziFaS TuzebmpPXfbrbcXb7tNgUPtLcayu09JwJWxZLYPYcFDXZe1wUz3ZQIWkKHizXkSI NZtQYdLMKqBp99XR65vkTORS7QWkpdaW6AY6JujoihKFzh+wRM7qKtgflHl6qTLd mPK8DU/qe5jCs5oqzLvQ7sZUb95JqhYaLf8ZWH6koTHLHqnMt9wOxqoEPoFfk4Lz TH0FizIOHO6imr6USG+ubOtlf/nd1py1achR9ihKtd+0GE0Hx8Q=
    =Y9nq
    -----END PGP SIGNATURE-----


    --
    Soren Stoutner
    soren@debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAABCgAdFiEEJKVN2yNUZnlcqOI+wufLJ66wtgMFAmch1aAACgkQwufLJ66w tgPt3RAAtSb/qnRPs2axgas3P1R91gxHYSeB/G98QTdJPm4flo2l6B1AbCBP/VaQ koahtGhKv4UNSb7m4VliWa17o+vzR6gkkwDaK2bbPW+Ca2ibDUo9aqqHU0vHBOZd w+7EwhvaS31PrM/OlMl4JhFby3LFqjvuvKkAn0tdKFg0/L8NCuYYoOy4FaYhTkME C76alhrMGv7VMy61UGOXNHwOS2XmQ/febvYBMvl/Rc7VaXl7zYFkJqGT++PFXCCC JCMDtfNUJ/GbVcGLf2w6q1YLZ2r1hFfCXKZ9hNuqFoI82Fdxd7g2Y0zGVV1gf2iL XNNMvJGXq1oClAbQkiTYx6/I1HM7WxkOQl2iycTHiGcMR2IZUGDGTtz+xTf9I2ZT ZuRBx8PEJnO0Fu/hoLKjWzZed/5jOil55Hin1p9ec/jlsrjIwyArfBAfu/yj4xn5 SVo+7otbdCInkdzJTAFKFXiYA7B6Qo1urdibvWyK57BOCcLkQ12imqTND31HcQn/ lFT9c4lyI8JjdkW2WQ0oIud/MUFSOIJq4prB73ULTXcNeyFpeAWOmX1kJxmJQw9e /+gosAslPI4icbQt++nQDQOysixQysWpP8G7H4xYlLS0+qICVf1kyW4lPUGwSbrJ hTb1d7coh6Lu0dhcL5Xk22FjO0a5X9hib6JJbAEt3xxZ22ByW/I=
    =6uQV
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)