MGASA-2020-0456
- Source
- https://advisories.mageia.org/MGASA-2020-0456.html
- Import Source
- https://advisories.mageia.org/MGASA-2020-0456.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2020-0456
- Related
- Published
- 2020-12-17T13:10:41Z
- Modified
- 2020-12-17T12:25:35Z
- Summary
- Updated x11-server packages fix security vulnerabilities
- Details
-
A flaw was found in the X.Org Server. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (CVE-2020-14360).
A flaw was found in xorg-x11-server. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (CVE-2020-25712).
The x11-server package has been updated to version 1.20.10, fixing these issues and other bugs.
- References
-
- https://advisories.mageia.org/MGASA-2020-0456.html
- https://bugs.mageia.org/show_bug.cgi?id=27701
- https://lists.x.org/archives/xorg-announce/2020-December/003066.html
- https://lists.x.org/archives/xorg-announce/2020-December/003067.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6NULSZT4JH6WPRE73VQI4A42OU32HKTH/
- https://ubuntu.com/security/notices/USN-4656-1
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:7 / x11-server
Package
- Name
- x11-server
- Purl
- pkg:rpm/mageia/x11-server?distro=mageia-7