Debian Linux Security Advisory 5576-1 - Jan-Niklas Sohn discovered several vulnerabilities in the Xorg X server, which may result in privilege escalation if the X server is running privileged.
02e7defbebaae0b355ce0347a45f3a3e36a998c50aabf68a9166432de62acb8b-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5576-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 13, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : xorg-server
CVE ID : CVE-2023-6377 CVE-2023-6478
Jan-Niklas Sohn discovered several vulnerabilities in the Xorg X server,
which may result in privilege escalation if the X server is running
privileged.
For the oldstable distribution (bullseye), these problems have been fixed
in version 2:1.20.11-1+deb11u9.
For the stable distribution (bookworm), these problems have been fixed in
version 2:21.1.7-3+deb12u3.
We recommend that you upgrade your xorg-server packages.
For the detailed security status of xorg-server please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmV5VupfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SUYw/9EQ3fcLsEcUlDUGzvGo0KtjR57/eAdc3xJkMgVvX+izjW1MADBnJ7UeID
8vthDQnpS1hePUSGRcL7iWjFLO76E3enFpi9LvAR6/uhwvBnRj1crKZcYF19zakJ
efQY453/N7KTgFjHs0r/gT888VgU3S1QwFljfbeIfpWvINcFYDzySbxaobkO+Giq
UmkDHYxcu+3XRfsCzkPTaDRYTk8UR4Gwidh2ANYiGHtVaZRnykJYXUC5kPNOCwvf
xsjzsWnpbimIJ7IhMQDwwNnnGeWWxhX8+m8FnZid7Gv+bcSwzfPh6f8cbN9/azKf
kN9qb34k/dtlqgWKlnrp6hWGraAyO/DhOQVAkbPLAQG44tTXTN1oW2MVi4AwLndO
BWknANWf3uMrJd7znB//fopMxpHJObI2Y4NnoPRHbCPu4XCeILZunIvEDM3cpx2t
bLWK6M35gOmk9hBE+3gzjr6/e6+ksQ4L46dTtw0BKrekWtZuncN6Vj9ULB4Scy9u
T7/SNz+NNVXU/2z8eD6HepcyWl6/ZtFsTwRZC6WGJMOQx6xajXelLcLlLyW2/o0E
pKmWyyjDz2oztwKRrUjdCrVM4N5JQW7MzgdK3/+ul0+pTqwWmetTGOPha3An9BD/
h3n3aVEdaIr6NQ97S9Z+uDsimEQ30WI9p00pbkpyK4mDpJFtzq8=
=M7rh
-----END PGP SIGNATURE-----
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed