An userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update has been released for AlmaLinux.
ALSA-2021:1804 Moderate: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2021-05-18
Description
Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips.
The following packages have been upgraded to a later upstream version: egl-wayland (1.1.5), libdrm (2.4.103), libglvnd (1.3.2), libinput (1.16.3), libwacom (1.6), mesa (20.3.3), xorg-x11-server (1.20.10). (BZ#1878160, BZ#1886648, BZ#1887654, BZ#1887655)
Security Fix(es):
* xorg-x11-server: Out-of-bounds access in XkbSetNames function (CVE-2020-14345)
* xorg-x11-server: Integer underflow in the X input extension protocol (CVE-2020-14346)
* xorg-x11-server: Out-of-bounds access in XkbSetMap function (CVE-2020-14360)
* xorg-x11-server: XkbSelectEvents integer underflow privilege escalation vulnerability (CVE-2020-14361)
* xorg-x11-server: XRecordRegisterClients integer underflow privilege escalation vulnerability (CVE-2020-14362)
* libX11: Integer overflow leads to double free in locale handling (CVE-2020-14363)
* xorg-x11-server: XkbSetDeviceInfo heap-based buffer overflow privilege escalation vulnerability (CVE-2020-25712)
* libX11: Heap overflow in the X input method client (CVE-2020-14344)
* xorg-x11-server: Leak of uninitialized heap memory from the X server to clients in AllocatePixmap of dix/pixmap.c (CVE-2020-14347)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
CVE-2020-14344
CVE-2020-14345
CVE-2020-14346
CVE-2020-14347
CVE-2020-14360
CVE-2020-14361
CVE-2020-14362
CVE-2020-14363
CVE-2020-25712
Updates packages:
egl-wayland-1.1.5-3.el8.i686.rpm
egl-wayland-1.1.5-3.el8.x86_64.rpm
libX11-devel-1.6.8-4.el8.i686.rpm
libX11-devel-1.6.8-4.el8.x86_64.rpm
libX11-xcb-1.6.8-4.el8.i686.rpm
libX11-xcb-1.6.8-4.el8.x86_64.rpm
libdrm-2.4.103-1.el8.i686.rpm
libdrm-2.4.103-1.el8.x86_64.rpm
libdrm-devel-2.4.103-1.el8.i686.rpm
libdrm-devel-2.4.103-1.el8.x86_64.rpm
libglvnd-1.3.2-1.el8.i686.rpm
libglvnd-1.3.2-1.el8.x86_64.rpm
libglvnd-core-devel-1.3.2-1.el8.i686.rpm
libglvnd-core-devel-1.3.2-1.el8.x86_64.rpm
libglvnd-devel-1.3.2-1.el8.i686.rpm
libglvnd-devel-1.3.2-1.el8.x86_64.rpm
libglvnd-egl-1.3.2-1.el8.i686.rpm
libglvnd-egl-1.3.2-1.el8.x86_64.rpm
libglvnd-gles-1.3.2-1.el8.i686.rpm
libglvnd-gles-1.3.2-1.el8.x86_64.rpm
libglvnd-glx-1.3.2-1.el8.i686.rpm
libglvnd-glx-1.3.2-1.el8.x86_64.rpm
libglvnd-opengl-1.3.2-1.el8.i686.rpm
libglvnd-opengl-1.3.2-1.el8.x86_64.rpm
libinput-1.16.3-1.el8.i686.rpm
libinput-1.16.3-1.el8.x86_64.rpm
libinput-devel-1.16.3-1.el8.i686.rpm
libinput-devel-1.16.3-1.el8.x86_64.rpm
libinput-utils-1.16.3-1.el8.x86_64.rpm
libwacom-1.6-2.el8.i686.rpm
libwacom-1.6-2.el8.x86_64.rpm
libwacom-data-1.6-2.el8.noarch.rpm
libwacom-devel-1.6-2.el8.i686.rpm
libwacom-devel-1.6-2.el8.x86_64.rpm
mesa-dri-drivers-20.3.3-2.el8.i686.rpm
mesa-dri-drivers-20.3.3-2.el8.x86_64.rpm
mesa-filesystem-20.3.3-2.el8.i686.rpm
mesa-filesystem-20.3.3-2.el8.x86_64.rpm
mesa-libEGL-20.3.3-2.el8.i686.rpm
mesa-libEGL-20.3.3-2.el8.x86_64.rpm
mesa-libEGL-devel-20.3.3-2.el8.i686.rpm
mesa-libEGL-devel-20.3.3-2.el8.x86_64.rpm
mesa-libGL-20.3.3-2.el8.i686.rpm
mesa-libGL-20.3.3-2.el8.x86_64.rpm
mesa-libGL-devel-20.3.3-2.el8.i686.rpm
mesa-libGL-devel-20.3.3-2.el8.x86_64.rpm
mesa-libOSMesa-20.3.3-2.el8.i686.rpm
mesa-libOSMesa-20.3.3-2.el8.x86_64.rpm
mesa-libOSMesa-devel-20.3.3-2.el8.i686.rpm
mesa-libOSMesa-devel-20.3.3-2.el8.x86_64.rpm
mesa-libgbm-20.3.3-2.el8.i686.rpm
mesa-libgbm-20.3.3-2.el8.x86_64.rpm
mesa-libgbm-devel-20.3.3-2.el8.i686.rpm
mesa-libgbm-devel-20.3.3-2.el8.x86_64.rpm
mesa-libglapi-20.3.3-2.el8.i686.rpm
mesa-libglapi-20.3.3-2.el8.x86_64.rpm
mesa-libxatracker-20.3.3-2.el8.i686.rpm
mesa-libxatracker-20.3.3-2.el8.x86_64.rpm
mesa-vdpau-drivers-20.3.3-2.el8.i686.rpm
mesa-vdpau-drivers-20.3.3-2.el8.x86_64.rpm
mesa-vulkan-devel-20.3.3-2.el8.i686.rpm
mesa-vulkan-devel-20.3.3-2.el8.x86_64.rpm
mesa-vulkan-drivers-20.3.3-2.el8.i686.rpm
mesa-vulkan-drivers-20.3.3-2.el8.x86_64.rpm
xorg-x11-drivers-7.7-30.el8.x86_64.rpm
xorg-x11-server-Xdmx-1.20.10-1.el8.x86_64.rpm
xorg-x11-server-Xephyr-1.20.10-1.el8.x86_64.rpm
xorg-x11-server-Xnest-1.20.10-1.el8.x86_64.rpm
xorg-x11-server-Xorg-1.20.10-1.el8.x86_64.rpm
xorg-x11-server-Xvfb-1.20.10-1.el8.x86_64.rpm
xorg-x11-server-Xwayland-1.20.10-1.el8.x86_64.rpm
xorg-x11-server-common-1.20.10-1.el8.x86_64.rpm
xorg-x11-server-devel-1.20.10-1.el8.i686.rpm
xorg-x11-server-devel-1.20.10-1.el8.x86_64.rpm
xorg-x11-server-source-1.20.10-1.el8.noarch.rpm
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.
