[ubuntu/groovy-proposed] xorg-server 2:1.20.8-2ubuntu5 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Wed Sep 2 14:31:14 UTC 2020
xorg-server (2:1.20.8-2ubuntu5) groovy; urgency=medium
* SECURITY UPDATE: Integer underflow in the X input extension protocol
- debian/patches/CVE-2020-14346.patch: properly calculate length in
Xi/xichangehierarchy.c.
- CVE-2020-14346
* SECURITY UPDATE: server memory leak
- debian/patches/CVE-2020-14347.patch: initialize memory in
dix/pixmap.c.
- CVE-2020-14347
* SECURITY UPDATE: Integer Underflow Privilege Escalation
- debian/patches/CVE-2020-14361.patch: fix dataLeft calculation in
xkb/xkbSwap.c.
- CVE-2020-14361
* SECURITY UPDATE: Integer Underflow Privilege Escalation
- debian/patches/CVE-2020-14362.patch: properly calculate lengths in
record/record.c.
- CVE-2020-14362
* debian/control: add libffi-dev to Build-Depends to fix FTBFS.
Date: Wed, 02 Sep 2020 09:55:00 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu X-SWAT <ubuntu-x at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.8-2ubuntu5
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 02 Sep 2020 09:55:00 -0400
Source: xorg-server
Architecture: source
Version: 2:1.20.8-2ubuntu5
Distribution: groovy
Urgency: medium
Maintainer: Ubuntu X-SWAT <ubuntu-x at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
xorg-server (2:1.20.8-2ubuntu5) groovy; urgency=medium
.
* SECURITY UPDATE: Integer underflow in the X input extension protocol
- debian/patches/CVE-2020-14346.patch: properly calculate length in
Xi/xichangehierarchy.c.
- CVE-2020-14346
* SECURITY UPDATE: server memory leak
- debian/patches/CVE-2020-14347.patch: initialize memory in
dix/pixmap.c.
- CVE-2020-14347
* SECURITY UPDATE: Integer Underflow Privilege Escalation
- debian/patches/CVE-2020-14361.patch: fix dataLeft calculation in
xkb/xkbSwap.c.
- CVE-2020-14361
* SECURITY UPDATE: Integer Underflow Privilege Escalation
- debian/patches/CVE-2020-14362.patch: properly calculate lengths in
record/record.c.
- CVE-2020-14362
* debian/control: add libffi-dev to Build-Depends to fix FTBFS.
Checksums-Sha1:
58a69705523554b887bbe87e5533481ec389e4e3 4563 xorg-server_1.20.8-2ubuntu5.dsc
5f8c0ad63c22b4fb9439df47ec93a11254b96205 218929 xorg-server_1.20.8-2ubuntu5.diff.gz
623b6abbf60e2fcc59ef49b4ae89e1d55ee52d1b 11950 xorg-server_1.20.8-2ubuntu5_source.buildinfo
Checksums-Sha256:
0f6e01be9aad01244c00c8612fc6ece955c44a673d1e8881267498ef2a12d07e 4563 xorg-server_1.20.8-2ubuntu5.dsc
9f5f24f713fbb8e88cac781bc3ae0cd4e9ab3aa80b715e6c4b8d7ed85bdd8e0e 218929 xorg-server_1.20.8-2ubuntu5.diff.gz
85ce8d245b2ef9cf07b6b7d13a2cc9ac188a5703978830fcd503d5f292750d6f 11950 xorg-server_1.20.8-2ubuntu5_source.buildinfo
Files:
83c9d9838946cbfcbc9265683d08f71a 4563 x11 optional xorg-server_1.20.8-2ubuntu5.dsc
23c9790ac2cc185a3f37a183feba7539 218929 x11 optional xorg-server_1.20.8-2ubuntu5.diff.gz
4427e974d8d75cf8a49babd6fa9de906 11950 x11 optional xorg-server_1.20.8-2ubuntu5_source.buildinfo
Original-Maintainer: Debian X Strike Force <debian-x at lists.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl9Pq8cACgkQZWnYVadE
vpP0Eg/+JnuqMgstNcRAA12qwipyTri94TwqcLVv2mVRRc9Z098LuzNlViM7M2S2
c8Cs88rMpIDy5Rqy7t5TLcmVmOTOtDkn33UqvnodH3ZjzbYbPahlQhYb+2CYSmaC
XC/hecdR/L8nsQXpTBdedA/4Wdoa1nwuJhCv618Yj1w5WciwpXxJuTlzMGBRMaft
zqSR2NDVhHAf5fykAEpS66BoM8NJPCC1u+HX9uZYdKlHzyjpBmVpDkpnaZn9BwWV
I6jZCi+QpOkfV/RrKXvD/M+YBkIc+yBq3dNj93qpNCR3bprh/gmouxpYEnwnbDrX
x4JuE3EN32sRNOjlcDF2IhrkVqF+cgOFLZZdD9p0tWtAZgRzlII3+e1FC0SlEsKI
erSpuoGu8DV11anRo3kOakkBLfLOMK1CDtYrExI/8IUc7cVqNKsm20UTqrfWJU0a
ZX4FU5sTbTLsQeGWypU/PYofPVtHMvdtEe8DPC+nfXCU+EOeru+uUjFCauzORcFM
5/BRctZkhFwPnrg4o1aIn2V8tlTlBocaD3eTl/fXq2byT07fAxccUxqNFtwtvmip
+UFgfp0wv0Es9ypZwd2ch18AMrat4qLG5yeqx8LMm29Tw3g17uYlI/iQSxyiw6kn
xVK/fkuZ1hIsAXLlGTDnlKF3UTLf6iGdAKnkwK6IweUsDmVOTNs=
=mHez
-----END PGP SIGNATURE-----
More information about the Groovy-changes
mailing list