ALSA-2024:2995

[ALSA-2024:2995] Moderate: xorg-x11-server security update

Type:

security

Severity:

moderate

Release date:

2024-05-29

Description:

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

Security Fix(es):

* xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)
* xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
* xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)
* xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)
* xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)
* xorg-x11-server: SELinux context corruption (CVE-2024-0409)
* xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)
* xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)
* xorg-x11-server: Use-after-free bug in DestroyWindow (CVE-2023-5380)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	xorg-x11-server-Xvfb-1.20.11-22.el8.aarch64.rpm	02ef81e405f034be9acb5cd566bef80b1d42a7f8e5f199a78a7980739f5106c3
aarch64	xorg-x11-server-Xnest-1.20.11-22.el8.aarch64.rpm	461ff0ae18016864bf5f713c8d70d66380fb26fece2bcfa5b75224f624abd9a7
aarch64	xorg-x11-server-devel-1.20.11-22.el8.aarch64.rpm	8c0017f7bc8e856af0ec9382ebb90cb6cbd3038aed46570ff21785da8c91f588
aarch64	xorg-x11-server-common-1.20.11-22.el8.aarch64.rpm	94532a776ac8272cf94c0c4c545715d5d22f11a41a8e0bd6d1ea2185df5bc833
aarch64	xorg-x11-server-Xephyr-1.20.11-22.el8.aarch64.rpm	b241b2066565d7dce3a0a9bcfc73a00f6b711b10ab05d9660f19870a95e0e9c2
aarch64	xorg-x11-server-Xdmx-1.20.11-22.el8.aarch64.rpm	cef16834e617dce30e4acdb524ac94718bf55bb0ab536a6645ffaed9f8be4659
aarch64	xorg-x11-server-Xorg-1.20.11-22.el8.aarch64.rpm	df76599cbffb48d2dc8efbf2743d71154a4f0d0f2fa24fcc5a1d06865887a0fa
i686	xorg-x11-server-devel-1.20.11-22.el8.i686.rpm	d53d99e7319c7d8a33fe761d0d799fd837c68347719c35bf5e530b45035b8d70
noarch	xorg-x11-server-source-1.20.11-22.el8.noarch.rpm	d9e3688317f11fecbde68151cfa0b30b79f3ea6a4b9bd877ac51cf2aae410829
ppc64le	xorg-x11-server-Xdmx-1.20.11-22.el8.ppc64le.rpm	387cac4c4b399774e446a5692b23f08dfaefb292efbe5142d2ee69feac3a9170
ppc64le	xorg-x11-server-common-1.20.11-22.el8.ppc64le.rpm	389f9da1a1b1e102f5f0580c99b2509bc78d4ad2cd7db37bc23853f8b714e961
ppc64le	xorg-x11-server-Xvfb-1.20.11-22.el8.ppc64le.rpm	575410f381c26fc1f8ea19d10d45db078081e04491386ad4531226053d64b6f7
ppc64le	xorg-x11-server-Xephyr-1.20.11-22.el8.ppc64le.rpm	5a9ee99ca7d20e41d3830eb53073fdcd284cc2fb5ecc027fcaeb95630d087cef
ppc64le	xorg-x11-server-devel-1.20.11-22.el8.ppc64le.rpm	64d1c2044934b674e760a3b109f6ca47133c4037396eee7167a7ee715b6be024
ppc64le	xorg-x11-server-Xorg-1.20.11-22.el8.ppc64le.rpm	91cb1f3d0ee74aba7ab0f8a180f00f7cd7d01762286a363239fd41d695ce8b4c
ppc64le	xorg-x11-server-Xnest-1.20.11-22.el8.ppc64le.rpm	c105be7b44060226eef12a33397b05446052a656e395d9b9604750a23208a8c0
s390x	xorg-x11-server-Xnest-1.20.11-22.el8.s390x.rpm	19a9dd97e23d68b0f384bb7f22aded8245724466c4be36de8c60375abd30b481
s390x	xorg-x11-server-Xorg-1.20.11-22.el8.s390x.rpm	7eaefa10086d31601dac8493b45db143f285b7e7490804a1334a46263e8d1cf5
s390x	xorg-x11-server-common-1.20.11-22.el8.s390x.rpm	a6e5301f32068c1b524a553093cd6d31a8866550fc423579b7a6edb99268c2c0
s390x	xorg-x11-server-Xdmx-1.20.11-22.el8.s390x.rpm	cd0c726c0745d82d7f8a47168b5de768185a4c4661d2945efe52e06a3b8096b7
s390x	xorg-x11-server-devel-1.20.11-22.el8.s390x.rpm	db19569844e05ffbf6a42765b1c17ff155b17e7a66aafa7f238dff4297e14501
s390x	xorg-x11-server-Xephyr-1.20.11-22.el8.s390x.rpm	dc2ab6311df73e111485c3a1ee6136d31b2e399fe4ab9d97376e25c1db39fdca
s390x	xorg-x11-server-Xvfb-1.20.11-22.el8.s390x.rpm	e6a387822e3987c583953af72b45576b5235e881163819d3e7b321e3356523dc
x86_64	xorg-x11-server-Xdmx-1.20.11-22.el8.x86_64.rpm	174bad2504c3c921ca3bb3fcfa10b19a4197f7f43307b91227d72847e4125e01
x86_64	xorg-x11-server-Xephyr-1.20.11-22.el8.x86_64.rpm	4abe670325b4a13768e9e4b32d2a56d4081f36fef0c4158522291a6c08013afe
x86_64	xorg-x11-server-Xvfb-1.20.11-22.el8.x86_64.rpm	4f51d7fbc9caf3681829308cf609575161b44a30ab48e1e8d1132b48351f1966
x86_64	xorg-x11-server-common-1.20.11-22.el8.x86_64.rpm	5b9d79fc92a24c008f0793d4297daf3bedb88c0e28cc98efb1de08875ddd728b
x86_64	xorg-x11-server-devel-1.20.11-22.el8.x86_64.rpm	65f1dfd9aca87c0c7e5110d524b6a01faa4069bb221f9d83afd446bcea960d80
x86_64	xorg-x11-server-Xnest-1.20.11-22.el8.x86_64.rpm	8109d143367b891eec65d1f7c4680a3e5aea1896904031394251ee77278d9c38
x86_64	xorg-x11-server-Xorg-1.20.11-22.el8.x86_64.rpm	b42cd6eef02a3a6aacd13a4791b0c5b0fdecd622765a5b672216373754b835af

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.