Updated x11-server packages fix security vulnerability
Publication date: 18 Nov 2022Modification date: 18 Nov 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-3550 , CVE-2022-3551
Description
Buffer overflow in function _GetCountedString of the file xkb/xkb.c.
(CVE-2022-3550)
Memory leak in the function ProcXkbGetKbdByName of the file xkb/xkb.c.
(CVE-2022-3551)
References
- https://bugs.mageia.org/show_bug.cgi?id=31070
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/012799.html
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FJY277PW6YAVPJTYNNLHBG2IH4BEALZT/
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3FYL6LL3R5FHAPM6C4AYXJAYVE6XH36D/
- https://www.debian.org/lts/security/2022/dla-3185
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551
SRPMS
8/core
- x11-server-1.20.14-4.mga8