Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 494
Alerts This Week
Warning Icon 1 494

openSUSE 15.5: 2024:0212-1 Moderate: Xwayland SELinux Issues

opensuse
Calendar Grey January 24, 2024
Dist Opensuse Esm H88
A recent patch for xwayland resolves SELinux-related problems, such as context mishandling and labeling issues in GLX PBuffer. Essential corrections.
This update for xwayland fixes the following issues: CVE-2024-0408: Fixed SELinux unlabeled GLX PBuffer

Description

This update for xwayland fixes the following issues:

* CVE-2024-0408: Fixed SELinux unlabeled GLX PBuffer. (bsc#1218845)

* CVE-2024-0409: Fixed SELinux context corruption. (bsc#1218846)

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5

zypper in -t patch SUSE-2024-212=1 openSUSE-SLE-15.5-2024-212=1

* SUSE Linux Enterprise Workstation Extension 15 SP5

zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-212=1

Package List

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)

* xwayland-devel-22.1.5-150500.7.17.1

* xwayland-22.1.5-150500.7.17.1

* xwayland-debuginfo-22.1.5-150500.7.17.1

* xwayland-debugsource-22.1.5-150500.7.17.1

* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)

* xwayland-22.1.5-150500.7.17.1

* xwayland-debuginfo-22.1.5-150500.7.17.1

* xwayland-debugsource-22.1.5-150500.7.17.1

References

* bsc#1218845

* bsc#1218846

## References:

* https://www.suse.com/security/cve/CVE-2024-0408.html

* https://www.suse.com/security/cve/CVE-2024-0409.html

* https://bugzilla.suse.com/show_bug.cgi?id=1218845

* https://bugzilla.suse.com/show_bug.cgi?id=1218846

Announcement ID: SUSE-SU-2024:0212-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.