[SECURITY] [DLA 3256-1] xorg-server security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3256-1] xorg-server security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sat, 31 Dec 2022 12:45:53 +0000 (UTC)
Message-id: <[🔎] alpine.DEB.2.21.2212311244060.9995@postfach.intern.alteholz.me>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3256-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
December 31, 2022                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : xorg-server
Version        : 2:1.20.4-1+deb10u7
CVE ID         : CVE-2022-4283 CVE-2022-46340 CVE-2022-46341
                 CVE-2022-46342 CVE-2022-46343 CVE-2022-46344

Jan-Niklas Sohn discovered several vulnerabilities in X server extensionsin the X.Org X server, which may result in privilege escalation if the Xserver is running privileged.



For Debian 10 buster, these problems have been fixed in version
2:1.20.4-1+deb10u7.

We recommend that you upgrade your xorg-server packages.

For the detailed security status of xorg-server please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmOwLwFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEfcfA/+LVEMOtG0NUPsRrkcrbRgahEhfWqNZo11h6fvjlSLYRX5Jgz83YdO8Iwr
Vo8sAq7Fk3WT57JidhuAYFQHRMQhdB9RqYjnfZjDBTP+WmgLC/OF+KCKhGOdrbXu
Azb2kdW8JQ117YVLiv2EZ4a+EZZNtuGS9i0t043b0wv7GSPE3pX3a0jnksyQ/JCm
IGI3VAmwTmJTVier2sRBPbgaKyKycWBfTxLDLWpQN+cOUhwAW6hJp4zbfVjC/zCr
Px5yVo5RjR79CERYtsK9QijJhv55n0ATirdC9WmD64UnQtP4IPWTCTtxww1DBfmm
1cab/6NNlW+JIa5EOIwX2aIXCsTgNQ9SkddtqWr0ryL3tJJFdaoeVkJ/DHjRwAGp
GhQ9vdqF4tkXqwEry6Pyp4pKmr/HGlXDWfer8NTVzyvAwcT3CRjVdEumZIDB0Bjy
yADXDucVmcW8CtwmN+co6mxYKV+Jikgqp3xf1oB3AChjdF27w6J9dLiGBG6t6PEu
K8oaHA813i4KOh4N8Pp1XRtCfZEzkLNwFwxvzgVZ3Ioc9l8wAlAQV3iNoLyaTWsp
BDFqlHPQVMdC9ru0uEkqpDUAUbYkxhr3h/aq0ba0bolK05IjZOM2SvgOFHMp7HK0
NKXJDNSjP6ypQ++dCauI0oCVUtiHe7L3ggAIPqS6S2PqvUSWgwg=
=EXGW
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3254-1] exuberant-ctags security update
Next by Date: [SECURITY] [DLA 3255-1] mplayer security update
Previous by thread: [SECURITY] [DLA 3254-1] exuberant-ctags security update
Next by thread: [SECURITY] [DLA 3255-1] mplayer security update
Index(es):
- Date
- Thread