drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in X.Org X server und XWayland
Name: |
Mehrere Probleme in X.Org X server und XWayland |
|
ID: |
202305-30 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Di, 30. Mai 2023, 07:09 |
|
Referenzen: |
https://nvd.nist.gov/vuln/detail/CVE-2021-4008
https://nvd.nist.gov/vuln/detail/CVE-2022-46283
https://nvd.nist.gov/vuln/detail/CVE-2023-0494
https://nvd.nist.gov/vuln/detail/CVE-2022-3553
https://nvd.nist.gov/vuln/detail/CVE-2022-4283
https://nvd.nist.gov/vuln/detail/CVE-2022-46340
https://nvd.nist.gov/vuln/detail/CVE-2021-4009
https://nvd.nist.gov/vuln/detail/CVE-2022-46344
https://nvd.nist.gov/vuln/detail/CVE-2023-1393
https://nvd.nist.gov/vuln/detail/CVE-2022-3551
https://nvd.nist.gov/vuln/detail/CVE-2022-46342
https://nvd.nist.gov/vuln/detail/CVE-2022-3550
https://nvd.nist.gov/vuln/detail/CVE-2021-4011
https://nvd.nist.gov/vuln/detail/CVE-2022-46341
https://nvd.nist.gov/vuln/detail/CVE-2022-46343
https://nvd.nist.gov/vuln/detail/CVE-2021-4010 |
|
Applikationen: |
XWayland, X11 |
|
Originalnachricht |
--===============6827191331652211689== Content-Type: text/plain; charset="utf-8"
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202305-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High Title: X.Org X server, XWayland: Multiple Vulnerabilities Date: May 30, 2023 Bugs: #829208, #877459, #885825, #893438, #903547 ID: 202305-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.
Background ==========
The X Window System is a graphical windowing system based on a client/server model.
Affected packages =================
Package Vulnerable Unaffected -------------------- ------------ ------------ x11-base/xorg-server < 21.1.8 >= 21.1.8 x11-base/xwayland < 23.1.1 >= 23.1.1
Description ===========
Multiple vulnerabilities have been discovered in X.Org X server, XWayland. Please review the CVE identifiers referenced below for details.
Impact ======
Please review the referenced CVE identifiers for details.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All X.Org X server users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=x11-base/xorg-server-21.1.8"
All XWayland users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=x11-base/xwayland-23.1.1"
References ==========
[ 1 ] CVE-2021-4008 https://nvd.nist.gov/vuln/detail/CVE-2021-4008 [ 2 ] CVE-2021-4009 https://nvd.nist.gov/vuln/detail/CVE-2021-4009 [ 3 ] CVE-2021-4010 https://nvd.nist.gov/vuln/detail/CVE-2021-4010 [ 4 ] CVE-2021-4011 https://nvd.nist.gov/vuln/detail/CVE-2021-4011 [ 5 ] CVE-2022-3550 https://nvd.nist.gov/vuln/detail/CVE-2022-3550 [ 6 ] CVE-2022-3551 https://nvd.nist.gov/vuln/detail/CVE-2022-3551 [ 7 ] CVE-2022-3553 https://nvd.nist.gov/vuln/detail/CVE-2022-3553 [ 8 ] CVE-2022-4283 https://nvd.nist.gov/vuln/detail/CVE-2022-4283 [ 9 ] CVE-2022-46283 https://nvd.nist.gov/vuln/detail/CVE-2022-46283 [ 10 ] CVE-2022-46340 https://nvd.nist.gov/vuln/detail/CVE-2022-46340 [ 11 ] CVE-2022-46341 https://nvd.nist.gov/vuln/detail/CVE-2022-46341 [ 12 ] CVE-2022-46342 https://nvd.nist.gov/vuln/detail/CVE-2022-46342 [ 13 ] CVE-2022-46343 https://nvd.nist.gov/vuln/detail/CVE-2022-46343 [ 14 ] CVE-2022-46344 https://nvd.nist.gov/vuln/detail/CVE-2022-46344 [ 15 ] CVE-2023-0494 https://nvd.nist.gov/vuln/detail/CVE-2023-0494 [ 16 ] CVE-2023-1393 https://nvd.nist.gov/vuln/detail/CVE-2023-1393 [ 17 ] ZDI-CAN-19596
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202305-30
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 --===============6827191331652211689== Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEpqTA6ABLMxh/aChGFMQkOaVy+9kFAmR1ZX8ACgkQFMQkOaVy +9kh4Q//Sf2mdd2INp1pdmE5nN1AbShoR0/T7OnrhjBeMy5p2ln0yHhLp6jdF25U 62UaVu7UWH/E3xiREap7+bXZSbjOan3eVnUwJu0IPGyu3pY6/hRSXW8zy+OAbusq gkzohzZj1tbuoPbFZ+jRQt9xbZhS0SaAljWhwGl87yG/9fDqhR9vaWAyvA9eIMpQ UL0t9oxx+svmZvShiuDKmqkPaP8Ppj7u3EHe/Pj+lfX3SAJutoByTtzkPrLqD8et Nq6kZtMeoIQk0MYqv1fgz1xZ1c+4D5TvxQTIp8XWcEJpi8UBexjt2Ff6fkDcqTrJ p7EMp/VbaVxdJo8Ods0n5H4AYnkOEw91RHSmKN/CSdyvADcbKpatNExCxOqjzaIM Gr4ENfGyjZW8NWPmc5T007w1Rb5TwAYa0BooBXxNNyIbNV5V2eOQAf3buFBSwEN7 YGoRG2a0LKt0rGgldW4b9RZepPcyPaQCATQnXK3Xhd6dJGqdiv9xtPfsNgsEyEp0 Lcs3s63Q+DR93oic+CTaXVnu2F0DW/WKpBP9X69+2e+MnEwsdVYgwO3RoBCkV17W YlRIS8gp2TVBcnjX8bw22f1nTbHnt8KJnUor7NHxQFWRZ5MCbm6hNGma/NVsglSp o9+LWvhUC8drarZUJluRqX5lHrI06PDoabQsZxXpJ+zmW+drl0Y= =SyCd -----END PGP SIGNATURE-----
--===============6827191331652211689==--
|
|
|
|