Slackware 15.0: 2024-016-03 Urgent: xorg-server Memory Corruption
slackware
January 16, 2024
New xorg-server packages are available for Slackware 15.0 and -current to fix security issues
Summary
Here are the details from the Slackware 15.0 ChangeLog: patches/packages/xorg-server-1.20.14-i586-11_slack15.0.txz: Rebuilt. This update fixes security issues: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer. Reattaching to different master device may lead to out-of-bounds memory access. Heap buffer overflow in XISendDeviceHierarchyEvent. Heap buffer overflow in DisableDevice. SELinux context corruption. SELinux unlabeled GLX PBuffer. For more information, see: https://lists.x.org/archives/xorg/2024-January/061525.html https://www.cve.org/CVERecord?id=CVE-2023-6816 https://www.cve.org/CVERecord?id=CVE-2024-0229 https://www.cve.org/CVERecord?id=CVE-2024-21885 https://www.cve.org/CVERecord?id=CVE-2024-21886 https://www.cve.org/CVERecord?id=CVE-2024-0408 https://www.cve.org/CVERecord?id=CVE-2024-0409 (* Security fix *) patches/packages/xorg-server-xephyr-1.20.14-i586-11_slack15.0.txz:
Read the Full Advisory
Topics Covered
Where Find New Packages
Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.
Updated packages for Slackware 15.0:
Updated packages for Slackware x86_64 15.0:
Updated packages for Slackware -current:
Updated packages for Slackware x86_64 -current:
MD5 Signatures
Slackware 15.0 packages:
cbfc1d90a9b15381b3fde1cc05d3393a xorg-server-1.20.14-i586-11_slack15.0.txz
13e01fa593096111f41c8de08b1bd407 xorg-server-xephyr-1.20.14-i586-11_slack15.0.txz
f81a8f96742881f732e3784ceefe42aa xorg-server-xnest-1.20.14-i586-11_slack15.0.txz
b223aa9470870a7f231d251597501605 xorg-server-xvfb-1.20.14-i586-11_slack15.0.txz
5a6593bafecb4f43f4404b31c959a91c xorg-server-xwayland-21.1.4-i586-10_slack15.0.txz
Slackware x86_64 15.0 packages:
cc3ae53ea9b14335b608a485344aae01 xorg-server-1.20.14-x86_64-11_slack15.0.txz
d52148237c62011adceaba103458718c xorg-server-xephyr-1.20.14-x86_64-11_slack15.0.txz
27c8dad2969a0551dadc1bdbc0a76b74 xorg-server-xnest-1.20.14-x86_64-11_slack15.0.txz
a9b04919e14289a4e10e1c361ba8c96c xorg-server-xvfb-1.20.14-x86_64-11_slack15.0.txz
8ed1857f20c19679edc79a6d4ce9a58d xorg-server-xwayland-21.1.4-x86_64-10_slack15.0.txz
Slackware -current packages:
d795fb2800b568f72e805652319a5bb9 x/xorg-server-21.1.11-i586-1.txz
b05c18e825d04e6a1b477b1da9dbc85c x/xorg-server-xephyr-21.1.11-i586-1.txz
01cde17a95b6664d99f65e35eb4a143c x/xorg-server-xnest-21.1.11-i586-1.txz
369134fd6e429782098a13b5fdebe3bf x/xorg-server-xvfb-21.1.11-i586-1.txz
088af0fe9440910f53cbb0c5f1534260 x/xorg-server-xwayland-23.2.4-i586-1.txz
Slackware x86_64 -current packages:
5e206bee3b5bd7984be71dc0d4f3bf95 x/xorg-server-21.1.11-x86_64-1.txz
1350d0aa457d88076e59869b7f987382 x/xorg-server-xephyr-21.1.11-x86_64-1.txz
9b3b568a4a59cabe5571efdf08a279b6 x/xorg-server-xnest-21.1.11-x86_64-1.txz
a197b434af664928dd02f9cef6ae1f9a x/xorg-server-xvfb-21.1.11-x86_64-1.txz
6f0c97a807cc2d14d3eb36b22e5f17e0 x/xorg-server-xwayland-23.2.4-x86_64-1.txz
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Installation instructions: Upgrade the packages as root: # upgradepkg xorg-server-*.txz
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!