diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-04-12 22:26:16 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-04-12 22:26:16 +0200 |
commit | 44506406315b832ed6de260c1c8125bb87bdcf71 (patch) | |
tree | 51d993b14bf5395cf8b5bedc7d26dd41c51da23f | |
parent | 8cdf05aad806559606831b45d178a10aa35ca409 (diff) |
Reserve DSA number for xorg-server update
-rw-r--r-- | data/CVE/list | 2 | ||||
-rw-r--r-- | data/DSA/list | 4 | ||||
-rw-r--r-- | data/dsa-needed.txt | 4 |
3 files changed, 6 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list index 46f017f0d8..2204299b38 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -3639,6 +3639,8 @@ CVE-2024-31083 (A use-after-free vulnerability was found in the ProcRenderAddGly NOTE: Followup to fix regression: https://gitlab.freedesktop.org/xorg/xserver/-/commit/337d8d48b618d4fc0168a7b978be4c3447650b04 CVE-2024-31082 (A heap-based buffer over-read vulnerability was found in the X.org ser ...) - xorg-server 2:21.1.11-3 (unimportant) + [bookworm] - xorg-server 2:21.1.7-3+deb12u7 + [bullseye] - xorg-server 2:1.20.11-1+deb11u13 NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/xserver/-/commit/6c684d035c06fd41c727f0ef0744517580864cef NOTE: https://lists.x.org/archives/xorg-announce/2024-April/003497.html NOTE: Affects the XQuartz (X11 server and client libraries for macOS) component diff --git a/data/DSA/list b/data/DSA/list index b9255e74fb..a4112ead06 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -1,3 +1,7 @@ +[12 Apr 2024] DSA-5657-1 xorg-server - security update + {CVE-2024-31080 CVE-2024-31081 CVE-2024-31083} + [bullseye] - xorg-server 2:1.20.11-1+deb11u13 + [bookworm] - xorg-server 2:21.1.7-3+deb12u7 [11 Apr 2024] DSA-5656-1 chromium - security update {CVE-2024-3157 CVE-2024-3515 CVE-2024-3516} [bookworm] - chromium 123.0.6312.122-1~deb12u1 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index 78d0f7b2db..e5df911390 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -96,9 +96,5 @@ webkit2gtk (berto) -- wpa -- -xorg-server (carnil) - Regression by last round: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1659 - Holding back update until addressed, cf. #1068470 --- zabbix -- |