DebianDEBIAN:DSA-4893-1:7BF79

HistoryApr 19, 2021 - 3:00 p.m.

[SECURITY] [DSA 4893-1] xorg-server security update

2021-04-1915:00:32

lists.debian.org

0.0004 Low

EPSS

Percentile

10.3%

JSON

Debian Security Advisory DSA-4893-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
April 19, 2021 https://www.debian.org/security/faq

Package : xorg-server
CVE ID : CVE-2021-3472

Jan-Niklas Sohn discovered that missing input sanitising in the XInput
extension of the X.org X server may result in privilege escalation if
the X server is running privileged.

For the stable distribution (buster), this problem has been fixed in
version 2:1.20.4-1+deb10u3.

We recommend that you upgrade your xorg-server packages.

For the detailed security status of xorg-server please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian9amd64xserver-xephyr< 1.19.2-1+deb9u8xserver-xephyr_1.19.2-1+deb9u8_amd64.deb
Debian9armelxdmx< 1.19.2-1+deb9u8xdmx_1.19.2-1+deb9u8_armel.deb
Debian10mips64elxserver-xorg-legacy< 1.20.4-1+deb10u3xserver-xorg-legacy_1.20.4-1+deb10u3_mips64el.deb
Debian10mips64elxdmx< 1.20.4-1+deb10u3xdmx_1.20.4-1+deb10u3_mips64el.deb
Debian9arm64xserver-xorg-legacy< 1.19.2-1+deb9u8xserver-xorg-legacy_1.19.2-1+deb9u8_arm64.deb
Debian9armelxserver-xorg-core-udeb< 1.19.2-1+deb9u8xserver-xorg-core-udeb_1.19.2-1+deb9u8_armel.deb
Debian10mipsxvfb< 1.20.4-1+deb10u3xvfb_1.20.4-1+deb10u3_mips.deb
Debian10i386xdmx-tools-dbgsym< 1.20.4-1+deb10u3xdmx-tools-dbgsym_1.20.4-1+deb10u3_i386.deb
Debian10amd64xserver-xorg-legacy-dbgsym< 1.20.4-1+deb10u3xserver-xorg-legacy-dbgsym_1.20.4-1+deb10u3_amd64.deb
Debian10armhfxdmx-dbgsym< 1.20.4-1+deb10u3xdmx-dbgsym_1.20.4-1+deb10u3_armhf.deb

OS	Version	Architecture	Package	Version	Filename
Debian	9	amd64	xserver-xephyr	< 1.19.2-1+deb9u8	xserver-xephyr_1.19.2-1+deb9u8_amd64.deb
Debian	9	armel	xdmx	< 1.19.2-1+deb9u8	xdmx_1.19.2-1+deb9u8_armel.deb
Debian	10	mips64el	xserver-xorg-legacy	< 1.20.4-1+deb10u3	xserver-xorg-legacy_1.20.4-1+deb10u3_mips64el.deb
Debian	10	mips64el	xdmx	< 1.20.4-1+deb10u3	xdmx_1.20.4-1+deb10u3_mips64el.deb
Debian	9	arm64	xserver-xorg-legacy	< 1.19.2-1+deb9u8	xserver-xorg-legacy_1.19.2-1+deb9u8_arm64.deb
Debian	9	armel	xserver-xorg-core-udeb	< 1.19.2-1+deb9u8	xserver-xorg-core-udeb_1.19.2-1+deb9u8_armel.deb
Debian	10	mips	xvfb	< 1.20.4-1+deb10u3	xvfb_1.20.4-1+deb10u3_mips.deb
Debian	10	i386	xdmx-tools-dbgsym	< 1.20.4-1+deb10u3	xdmx-tools-dbgsym_1.20.4-1+deb10u3_i386.deb
Debian	10	amd64	xserver-xorg-legacy-dbgsym	< 1.20.4-1+deb10u3	xserver-xorg-legacy-dbgsym_1.20.4-1+deb10u3_amd64.deb
Debian	10	armhf	xdmx-dbgsym	< 1.20.4-1+deb10u3	xdmx-dbgsym_1.20.4-1+deb10u3_armhf.deb

Rows per page:

1-10 of 2361

[SECURITY] [DSA 4893-1] xorg-server security update

Related