Описание
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues:
- CVE-2022-3550: Fixed out of bounds read/write in _GetCountedString() (bsc#1204412).
- CVE-2022-3551: Fixed various leaks of the return value of GetComponentSpec() (bsc#1204416).
Список пакетов
Image SLES15-SP1-SAPCAL-Azure
xorg-x11-server-1.20.3-150100.14.5.28.1
Image SLES15-SP1-SAPCAL-EC2-HVM
xorg-x11-server-1.20.3-150100.14.5.28.1
Image SLES15-SP1-SAPCAL-GCE
xorg-x11-server-1.20.3-150100.14.5.28.1
SUSE Enterprise Storage 6
xorg-x11-server-1.20.3-150100.14.5.28.1
xorg-x11-server-extra-1.20.3-150100.14.5.28.1
xorg-x11-server-sdk-1.20.3-150100.14.5.28.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
xorg-x11-server-1.20.3-150100.14.5.28.1
xorg-x11-server-extra-1.20.3-150100.14.5.28.1
xorg-x11-server-sdk-1.20.3-150100.14.5.28.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
xorg-x11-server-1.20.3-150100.14.5.28.1
xorg-x11-server-extra-1.20.3-150100.14.5.28.1
xorg-x11-server-sdk-1.20.3-150100.14.5.28.1
SUSE Linux Enterprise Server 15 SP1-BCL
xorg-x11-server-1.20.3-150100.14.5.28.1
xorg-x11-server-extra-1.20.3-150100.14.5.28.1
xorg-x11-server-sdk-1.20.3-150100.14.5.28.1
SUSE Linux Enterprise Server 15 SP1-LTSS
xorg-x11-server-1.20.3-150100.14.5.28.1
xorg-x11-server-extra-1.20.3-150100.14.5.28.1
xorg-x11-server-sdk-1.20.3-150100.14.5.28.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
xorg-x11-server-1.20.3-150100.14.5.28.1
xorg-x11-server-extra-1.20.3-150100.14.5.28.1
xorg-x11-server-sdk-1.20.3-150100.14.5.28.1
Ссылки
- Link for SUSE-SU-2022:3856-1
- E-Mail link for SUSE-SU-2022:3856-1
- SUSE Security Ratings
- SUSE Bug 1204412
- SUSE Bug 1204416
- SUSE CVE CVE-2022-3550 page
- SUSE CVE CVE-2022-3551 page
Описание
A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051.
Затронутые продукты
Image SLES15-SP1-SAPCAL-Azure:xorg-x11-server-1.20.3-150100.14.5.28.1
Image SLES15-SP1-SAPCAL-EC2-HVM:xorg-x11-server-1.20.3-150100.14.5.28.1
Image SLES15-SP1-SAPCAL-GCE:xorg-x11-server-1.20.3-150100.14.5.28.1
SUSE Enterprise Storage 6:xorg-x11-server-1.20.3-150100.14.5.28.1
Ссылки
- CVE-2022-3550
- SUSE Bug 1204412
- SUSE Bug 1204808
- SUSE Bug 1205071
- SUSE Bug 1206243
- SUSE Bug 1208344
- SUSE Bug 1209331
Описание
A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.
Затронутые продукты
Image SLES15-SP1-SAPCAL-Azure:xorg-x11-server-1.20.3-150100.14.5.28.1
Image SLES15-SP1-SAPCAL-EC2-HVM:xorg-x11-server-1.20.3-150100.14.5.28.1
Image SLES15-SP1-SAPCAL-GCE:xorg-x11-server-1.20.3-150100.14.5.28.1
SUSE Enterprise Storage 6:xorg-x11-server-1.20.3-150100.14.5.28.1
Ссылки
- CVE-2022-3551
- SUSE Bug 1204416