| Summary: | x11-server, x11-server-xwayland new security issues CVE-2022-355[01] | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, brtians1, davidwhodgins, fri, sysadmin-bugs, tmb |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | x11-server-21.1.4-1.mga9.src.rpm, x11-server-xwayland-22.1.3-1.mga9.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2022-11-02 22:07:18 CET
David Walser
2022-11-02 22:07:29 CET
Whiteboard:
(none) =>
MGA8TOO Equivalent openSUSE advisory: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FJY277PW6YAVPJTYNNLHBG2IH4BEALZT/ These SRPMS are nominally with tv, so assigning this bug to you. Noticing that tmb has done most of recent updates to both, CC'ing you. Assignee:
bugsquad =>
thierry.vignaud openSUSE has issued an advisory for xwayland today (November 10): https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3FYL6LL3R5FHAPM6C4AYXJAYVE6XH36D/ Debian-LTS has issued an advisory for x11-server on November 10: https://www.debian.org/lts/security/2022/dla-3185 Cauldron already have xwayland 22.1.5 Cauldrn x11-server fixed in x11-server-21.1.4-2.mga9 just submitted. Whiteboard:
MGA8TOO =>
(none) SRPM: x11-server-1.20.14-4.mga8.src.rpm i586: x11-server-1.20.14-4.mga8.i586.rpm x11-server-common-1.20.14-4.mga8.i586.rpm x11-server-devel-1.20.14-4.mga8.i586.rpm x11-server-source-1.20.14-4.mga8.noarch.rpm x11-server-xdmx-1.20.14-4.mga8.i586.rpm x11-server-xephyr-1.20.14-4.mga8.i586.rpm x11-server-xnest-1.20.14-4.mga8.i586.rpm x11-server-xorg-1.20.14-4.mga8.i586.rpm x11-server-xvfb-1.20.14-4.mga8.i586.rpm x11-server-xwayland-1.20.14-4.mga8.i586.rpm x86_64: x11-server-1.20.14-4.mga8.x86_64.rpm x11-server-common-1.20.14-4.mga8.x86_64.rpm x11-server-devel-1.20.14-4.mga8.x86_64.rpm x11-server-source-1.20.14-4.mga8.noarch.rpm x11-server-xdmx-1.20.14-4.mga8.x86_64.rpm x11-server-xephyr-1.20.14-4.mga8.x86_64.rpm x11-server-xnest-1.20.14-4.mga8.x86_64.rpm x11-server-xorg-1.20.14-4.mga8.x86_64.rpm x11-server-xvfb-1.20.14-4.mga8.x86_64.rpm x11-server-xwayland-1.20.14-4.mga8.x86_64.rpm Assignee:
thierry.vignaud =>
qa-bugs MGA8-64, Xfce, Celeron This is a laptop I actively use, so restricting installs to objects already present. The following 3 packages are going to be installed: - x11-server-common-1.20.14-4.mga8.x86_64 - x11-server-xorg-1.20.14-4.mga8.x86_64 - x11-server-xwayland-1.20.14-4.mga8.x86_64 64B of additional disk space will be used. -- rebooted Working as expected. CC:
(none) =>
brtians1 MGA8-64 Plasma, i5-2500, Intel graphics. No installation issues. This system has been run for roughly 24 hours since updating, doing normal tasks, shut down in the evening and rebooted the next day, all with no ill effects noted. CC:
(none) =>
andrewsfarm mga8-64, Plasma, nvidia-current, backport kernel My usual workstation "svarten" - x11-server-common-1.20.14-4.mga8.x86_64 - x11-server-xephyr-1.20.14-4.mga8.x86_64 - x11-server-xnest-1.20.14-4.mga8.x86_64 - x11-server-xorg-1.20.14-4.mga8.x86_64 - x11-server-xwayland-1.20.14-4.mga8.x86_64 Reboot works, incl VirtuaBox MSW7 guest. CC:
(none) =>
fri No regressions noticed. Advisory committed to svn. Validating the update. CC:
(none) =>
davidwhodgins, sysadmin-bugs An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0431.html Status:
NEW =>
RESOLVED
David Walser
2022-12-15 04:11:04 CET
Status comment:
Patches available from upstream =>
(none) |