Updated x11-server packages fix security vulnerability
Publication date: 24 Jan 2023Modification date: 24 Jan 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-4283 , CVE-2022-46340 , CVE-2022-46341 , CVE-2022-46342 , CVE-2022-46343 , CVE-2022-46344
Description
X.Org Server XkbGetKbdByName use-after-free. (CVE-2022-4283)
X.Org Server XTestSwapFakeInput stack overflow. (CVE-2022-46340)
X.Org Server XIPassiveUngrab out-of-bounds access. (CVE-2022-46341)
X.Org Server XvdiSelectVideoNotify use-after-free. (CVE-2022-46342)
X.Org Server ScreenSaverSetAttributes use-after-free. (CVE-2022-46343)
X.Org Server XIChangeProperty out-of-bounds access. (CVE-2022-46344)
References
- https://bugs.mageia.org/show_bug.cgi?id=31281
- https://lists.x.org/archives/xorg-announce/2022-December/003302.html
- https://ubuntu.com/security/notices/USN-5778-1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RWTH3SNJ3GKYDSN7I3QDGWYEPSMWU6EP/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344
SRPMS
8/core
- x11-server-1.20.14-4.1.mga8