MGASA-2020-0350

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2020-0350.html
Import Source
https://advisories.mageia.org/MGASA-2020-0350.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2020-0350
Related
Published
2020-08-27T15:52:56Z
Modified
2020-08-27T15:15:41Z
Summary
Updated x11-server packages fix security vulnerabilities
Details

The handler for the XkbSetNames request does not validate the request length before accessing its contents (CVE-2020-14345).

An integer underflow exists in the handler for the XIChangeHierarchy request (CVE-2020-14346).

An integer underflow exist in the handler for the XkbSelectEvents request (CVE-2020-14361).

An integer underflow exist in the handler for the CreateRegister request of the X record extension (CVE-2020-14362).

The x11-server package has been updated to version 1.20.9, fixing these issues and other bugs.

References
Credits

Affected packages

Mageia:7 / x11-server

Package

Name
x11-server
Purl
pkg:rpm/mageia/x11-server?distro=mageia-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.20.9-1.mga7

Ecosystem specific 

{
    "section": "core"
}