ports/xorg
3
0
Fork 0
Code Issues Pull Requests Activity
580fdf9024
xorg/xorg-server/.signature
Fredrik Rinnestam 6aa00ecd4e [notify] xorg-server: updated to 1.20.9. Fix for CVE-2020-14345 
CVE-2020-14346, CVE-2020-14361, CVE-2020-14362

Multiple input validation failures in X server extensions
=========================================================

All theses issuses  can lead to local privileges elevation
on systems where the X server is running privileged.

* CVE-2020-14345 / ZDI CAN 11428 XkbSetNames Out-Of-Bounds Access

The handler for the XkbSetNames request does not validate the request
length before accessing its contents.

* CVE-2020-14346 / ZDI CAN 11429 XIChangeHierarchy Integer Underflow

An integer underflow exists in the handler for the XIChangeHierarchy
request.

* CVE-2020-14361 / ZDI CAN 11573 XkbSelectEvents Integer Underflow

An integer underflow exist in the handler for the XkbSelectEvents
request.

* CVE-2020-1436 / ZDI CAN 11574 XRecordRegisterClients Integer Underflow

An integer underflow exist in the handler for the CreateRegister
request of the X record extension.
2020-08-25 20:15:00 +02:00

6 lines
426 B
Plaintext
Raw Blame History

untrusted comment: verify with /etc/ports/xorg.pub
RWTSGWF5Q7TndLiXG/Mse5mSkOO2Qzva0uXLVaAem+/I1MX/GcGGnjNs2okLKyzG3wB5Yffqou//IE6o6W/IQ9jld2nVIqqATQQ=
SHA256 (Pkgfile) = 5e27a4794eae50de0b5ed40522481ba0889d31016808f081cc50b16aee5a0b83
SHA256 (.footprint) = d159a275a4868001332954580ab4f70976c97a80334b157023935b36722e50cd
SHA256 (xorg-server-1.20.9.tar.bz2) = e219f2e0dfe455467939149d7cd2ee53b79b512cc1d2094ae4f5c9ed9ccd3571
Reference in New Issue View Git Blame Copy Permalink