X.org has issued an advisory on August 25: https://lists.x.org/archives/xorg-announce/2020-August/003056.html The issue is fixed upstream in 1.6.12: https://lists.x.org/archives/xorg-announce/2020-August/003057.html Updated packages uploaded for Mageia 7 and Cauldron. Advisory: ======================== Updated libx11 packages fix security vulnerability: There is an integer overflow and a double free vulnerability in the way LibX11 handles locales. The integer overflow is a necessary precursor to the double free (CVE-2020-14363). The libx11 package has been updated to version 1.6.12 which fixes this issue. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14363 https://lists.x.org/archives/xorg-announce/2020-August/003053.html https://lists.x.org/archives/xorg-announce/2020-August/003057.html https://lists.x.org/archives/xorg-announce/2020-August/003056.html ======================== Updated packages in core/updates_testing: ======================== libx11_6-1.6.12-1.mga7 libx11-xcb1-1.6.12-1.mga7 libx11-devel-1.6.12-1.mga7 libx11-common-1.6.12-1.mga7 libx11-doc-1.6.12-1.mga7 from libx11-1.6.12-1.mga7.src.rpm
Work well on mga 7 with x11-driver-nvidia-current non-free x86_64 version
Whiteboard: (none) => MGA7-64-OK
Keywords: (none) => advisory
CC: (none) => sysadmin-bugsKeywords: (none) => validated_update
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0349.html
Status: NEW => RESOLVEDResolution: (none) => FIXED