SUSE-SU-2021:4071-1

Опубликовано: 14 дек. 2021

Источник: suse-cvrf

Описание

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues:

CVE-2021-4008: Fixed Privilege Escalation Vulnerability via Out-Of-Bounds Access in SProcRenderCompositeGlyphs (bsc#1193030).

Список пакетов

Image SLES15-SP1-SAPCAL-Azure

xorg-x11-server-1.20.3-14.5.19.1

Image SLES15-SP1-SAPCAL-EC2-HVM

xorg-x11-server-1.20.3-14.5.19.1

Image SLES15-SP1-SAPCAL-GCE

xorg-x11-server-1.20.3-14.5.19.1

SUSE Enterprise Storage 6

xorg-x11-server-1.20.3-14.5.19.1

xorg-x11-server-extra-1.20.3-14.5.19.1

xorg-x11-server-sdk-1.20.3-14.5.19.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

xorg-x11-server-1.20.3-14.5.19.1

xorg-x11-server-extra-1.20.3-14.5.19.1

xorg-x11-server-sdk-1.20.3-14.5.19.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

xorg-x11-server-1.20.3-14.5.19.1

xorg-x11-server-extra-1.20.3-14.5.19.1

xorg-x11-server-sdk-1.20.3-14.5.19.1

SUSE Linux Enterprise Server 15 SP1-BCL

xorg-x11-server-1.20.3-14.5.19.1

xorg-x11-server-extra-1.20.3-14.5.19.1

xorg-x11-server-sdk-1.20.3-14.5.19.1

SUSE Linux Enterprise Server 15 SP1-LTSS

xorg-x11-server-1.20.3-14.5.19.1

xorg-x11-server-extra-1.20.3-14.5.19.1

xorg-x11-server-sdk-1.20.3-14.5.19.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

xorg-x11-server-1.20.3-14.5.19.1

xorg-x11-server-extra-1.20.3-14.5.19.1

xorg-x11-server-sdk-1.20.3-14.5.19.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20214071-1/
Link for SUSE-SU-2021:4071-1
https://lists.suse.com/pipermail/sle-security-updates/2021-December/009900.html
E-Mail link for SUSE-SU-2021:4071-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1193030
SUSE Bug 1193030
https://www.suse.com/security/cve/CVE-2021-4008/
SUSE CVE CVE-2021-4008 page

Описание

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Затронутые продукты

Image SLES15-SP1-SAPCAL-Azure:xorg-x11-server-1.20.3-14.5.19.1

Image SLES15-SP1-SAPCAL-EC2-HVM:xorg-x11-server-1.20.3-14.5.19.1

Image SLES15-SP1-SAPCAL-GCE:xorg-x11-server-1.20.3-14.5.19.1

SUSE Enterprise Storage 6:xorg-x11-server-1.20.3-14.5.19.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-4008.html
CVE-2021-4008
https://bugzilla.suse.com/1193030
SUSE Bug 1193030
https://bugzilla.suse.com/1194308
SUSE Bug 1194308
https://bugzilla.suse.com/1196656
SUSE Bug 1196656

SUSE-SU-2021:4071-1

Описание

Список пакетов

Image SLES15-SP1-SAPCAL-Azure

Image SLES15-SP1-SAPCAL-EC2-HVM

Image SLES15-SP1-SAPCAL-GCE

SUSE Enterprise Storage 6

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise Server 15 SP1-BCL

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

Ссылки

Уязвимость: CVE-2021-4008

Описание

Затронутые продукты

Ссылки