ALSA-2024:2169

[ALSA-2024:2169] Moderate: xorg-x11-server security update

Type:

security

Severity:

moderate

Release date:

2024-05-07

Description:

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

Security Fix(es):

* xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)
* xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
* xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)
* xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)
* xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)
* xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)
* xorg-x11-server: SELinux context corruption (CVE-2024-0409)
* xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)
* xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)
* xorg-x11-server: Use-after-free bug in DestroyWindow (CVE-2023-5380)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	xorg-x11-server-Xvfb-1.20.11-24.el9.aarch64.rpm	1ae5fc86859b89872a8c51b67c87df0a41955982564d875ebeeff17ecc871daf
aarch64	xorg-x11-server-Xephyr-1.20.11-24.el9.aarch64.rpm	2731b72703c22b6c6d6997cf159732c35c5209f0248cedde2aa63599c0bb0595
aarch64	xorg-x11-server-Xdmx-1.20.11-24.el9.aarch64.rpm	5231d3ee4b1383b1af48c37e76396d6e039739e661aaeb4eb17728bdd56d92c9
aarch64	xorg-x11-server-Xnest-1.20.11-24.el9.aarch64.rpm	5dd7b3e86de218e91b7f2b5c1b5677ac3a4baffa4eb3845ed7bfee1fe2925ac6
aarch64	xorg-x11-server-common-1.20.11-24.el9.aarch64.rpm	96cd45f5114e351ccc77f5d65cee6723868e95e3e3561c08bf375221808497ad
aarch64	xorg-x11-server-devel-1.20.11-24.el9.aarch64.rpm	a29069d1dc5ee5365ffc1d42fb9a960ff6d1f6a412c93bce4dc84799c4d12c7f
aarch64	xorg-x11-server-Xorg-1.20.11-24.el9.aarch64.rpm	dec4a970f00a839a771896761561ee741b34f28045c034202a789b55421082f3
i686	xorg-x11-server-devel-1.20.11-24.el9.i686.rpm	6a61a57ae109ac1e5d172d27293c26d0cd82ff4a7c687828491ee487f58944cf
noarch	xorg-x11-server-source-1.20.11-24.el9.noarch.rpm	312de6141de8edf176752f753a27b2608f335b89d5c094f576bbb86755bd521f
ppc64le	xorg-x11-server-Xdmx-1.20.11-24.el9.ppc64le.rpm	0c3453dd23c0fc00dc60efd0a69e58b01587f13796708072bdb46d772f6313e8
ppc64le	xorg-x11-server-Xnest-1.20.11-24.el9.ppc64le.rpm	259285f14472ac488e97e9393d6ec41e2837aa43d168a0b433226ddfe58a47bf
ppc64le	xorg-x11-server-common-1.20.11-24.el9.ppc64le.rpm	57ea561cb19c7aef37b6cc1b88526c850391997ee2002e775cdfccbb409e17de
ppc64le	xorg-x11-server-Xorg-1.20.11-24.el9.ppc64le.rpm	669683b0c1bfbee8f3b86970671a322e18f3205828dbceacf6c54052da9ee0a9
ppc64le	xorg-x11-server-Xvfb-1.20.11-24.el9.ppc64le.rpm	7900df253bdea957540740733d9f387a99c57ed6d3a5fb80b26bcffae3e486ef
ppc64le	xorg-x11-server-Xephyr-1.20.11-24.el9.ppc64le.rpm	d5218bd597475212ab6e63d75cc808d42c176cd187a7c719848ea49c77278481
ppc64le	xorg-x11-server-devel-1.20.11-24.el9.ppc64le.rpm	dacbd22738f68bb6cdd4ac9dd667c92f936da4a43888b97bc842f6b99a10590f
s390x	xorg-x11-server-Xvfb-1.20.11-24.el9.s390x.rpm	7b885dbbe768f774a7ca8f1b1c1b8d07e5d05c22c3f507001eb4e791e970c0aa
s390x	xorg-x11-server-devel-1.20.11-24.el9.s390x.rpm	7ef72de6b434cddf1f436b96692b9c56c372c48e59b8acaaeff178922fc55345
s390x	xorg-x11-server-Xnest-1.20.11-24.el9.s390x.rpm	a86fe21247a3561a56a0f7729bce9ce3a88eaa08788fd9f1560b7eb58b67138c
s390x	xorg-x11-server-Xdmx-1.20.11-24.el9.s390x.rpm	b7470157ea9c444fcf62d7aaac7f9950da9e20e12a0a42c47913fa491e767774
s390x	xorg-x11-server-common-1.20.11-24.el9.s390x.rpm	c53bacd84ed607fa33fa7b2df6ffc5a21ccc8ecd9bfada6b43d29b7993945a04
s390x	xorg-x11-server-Xorg-1.20.11-24.el9.s390x.rpm	cc57901c002280ea3b3c0010993f71f136e75743bd892222abf20bd115271ebd
s390x	xorg-x11-server-Xephyr-1.20.11-24.el9.s390x.rpm	f71b78fa2c95cc438340abd3dd9cc75d4d0cf84eef54537720f64813eb8c2199
x86_64	xorg-x11-server-Xvfb-1.20.11-24.el9.x86_64.rpm	1fc6dd68521b3c868bfb5648ba0a4817393ca7a2c2a202bd5e83fdac58cb40c0
x86_64	xorg-x11-server-Xorg-1.20.11-24.el9.x86_64.rpm	5127cd5d9946acdddbfd5a31a4ddc4668a524a44d0800517856fe18bb7252355
x86_64	xorg-x11-server-devel-1.20.11-24.el9.x86_64.rpm	557e59f69b53f13e2e0c74f7d19082fb1adb48e1716761d003ab12f01024af85
x86_64	xorg-x11-server-Xnest-1.20.11-24.el9.x86_64.rpm	a5937b912595e85e3068bd562021530e500eefb22f19919f3f1e624d21722855
x86_64	xorg-x11-server-Xdmx-1.20.11-24.el9.x86_64.rpm	cadee4e3d6fedfd59a664675030551e3b1575ff08e16a14adeba2ec5dd06531c
x86_64	xorg-x11-server-common-1.20.11-24.el9.x86_64.rpm	e09a25ef8db6803e323616b92374b00867558dfe24f626c5cc40bbdefb129f0a
x86_64	xorg-x11-server-Xephyr-1.20.11-24.el9.x86_64.rpm	ee00ad49a8096217db9a8a365a52093db300dc896a68c497efdb2b269dea6df7

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.