Debian 10159 Published by

A xorg-server security update has been released for Debian GNU/Linux 8 Extended LTS to address out-of-bounds access or integer underflows issues.



ELA-272-1 xorg-server security update

Package xorg-server
Version 2:1.16.4-1+deb8u3
Related CVEs CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-14361 CVE-2020-14362

Basically all issues in xorg-server, the X server from xorg, are out-of-bounds access or integer underflows in different request handlers. One CVE is about a leak of uninitialize heap memory to clients.

For Debian 8 jessie, these problems have been fixed in version 2:1.16.4-1+deb8u3.

We recommend that you upgrade your xorg-server packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-272-1 xorg-server security update