Bug 27206

Summary: x11-server new security issue CVE-2020-1434[56] and CVE-2020-1436[12]
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: sysadmin-bugs
Version: 7Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA7-64-OK
Source RPM: x11-server-1.20.8-1.1.mga7.src.rpm CVE:
Status comment:

Description David Walser 2020-08-26 23:04:35 CEST 
X.org has issued an advisory on August 25:
https://lists.x.org/archives/xorg-announce/2020-August/003058.html

The issues are fixed upstream in 1.20.9:
https://lists.x.org/archives/xorg-announce/2020-August/003059.html

Updated packages uploaded for Mageia 7 and Cauldron.

Advisory:
========================

Updated x11-server packages fix security vulnerabilities:

The handler for the XkbSetNames request does not validate the request length
before accessing its contents (CVE-2020-14345).

An integer underflow exists in the handler for the XIChangeHierarchy request
(CVE-2020-14346).

An integer underflow exist in the handler for the XkbSelectEvents request
(CVE-2020-14361).

An integer underflow exist in the handler for the CreateRegister request of
the X record extension (CVE-2020-14362).

The x11-server package has been updated to version 1.20.9, fixing these issues
and other bugs.

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14345
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14346
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14361
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14362
https://lists.x.org/archives/xorg-announce/2020-August/003059.html
https://lists.x.org/archives/xorg-announce/2020-August/003058.html
========================

Updated packages in core/updates_testing:
========================
x11-server-1.20.9-1.mga7
x11-server-common-1.20.9-1.mga7
x11-server-xorg-1.20.9-1.mga7
x11-server-xnest-1.20.9-1.mga7
x11-server-xdmx-1.20.9-1.mga7
x11-server-xvfb-1.20.9-1.mga7
x11-server-xephyr-1.20.9-1.mga7
x11-server-xwayland-1.20.9-1.mga7
x11-server-devel-1.20.9-1.mga7
x11-server-source-1.20.9-1.mga7

from x11-server-1.20.9-1.mga7.src.rpm
Aurelien Oudelet 2020-08-27 08:26:31 CEST

QA Contact: (none) => security
Severity: normal => major

Aurelien Oudelet 2020-08-27 12:13:13 CEST

Component: RPM Packages => Security

Comment 1 Aurelien Oudelet 2020-08-27 12:16:17 CEST 
Work well with x11-driver-nvidia-current nonfree
Plasma 5.15
x86_64.
Suspend/Resume is OK also.
Aurelien Oudelet 2020-08-27 14:36:34 CEST

Whiteboard: (none) => MGA7-64-OK

Aurelien Oudelet 2020-08-27 14:43:58 CEST

Keywords: (none) => advisory

Aurelien Oudelet 2020-08-27 16:27:16 CEST

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 2 Mageia Robot 2020-08-27 17:54:09 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2020-0350.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED