Change log for xorg-server-hwe-18.04 package in Ubuntu
| 1 → 16 of 16 results | First • Previous • Next • Last |
xorg-server-hwe-18.04 (2:1.20.8-2ubuntu2.2~18.04.11) bionic-security; urgency=medium
* SECURITY UPDATE: Overlay Window Use-After-Free
- debian/patches/CVE-2023-1393.patch: fix use-after-free of the COW in
composite/compwindow.c.
- CVE-2023-1393
-- Marc Deslauriers <email address hidden> Wed, 29 Mar 2023 09:26:59 -0400
Available diffs
xorg-server-hwe-18.04 (2:1.20.8-2ubuntu2.2~18.04.10) bionic-security; urgency=medium
* SECURITY UPDATE: DeepCopyPointerClasses use-after-free
- debian/patches/CVE-2023-0494.patch: fix potential use-after-free in
Xi/exevents.c.
- CVE-2023-0494
-- Marc Deslauriers <email address hidden> Tue, 07 Feb 2023 08:03:38 -0500
xorg-server-hwe-18.04 (2:1.20.8-2ubuntu2.2~18.04.9) bionic-security; urgency=medium
* SECURITY UPDATE: XTestSwapFakeInput stack overflow
- debian/patches/CVE-2022-46340.patch: disallow GenericEvents in
XTestSwapFakeInput in Xext/xtest.c.
- CVE-2022-46340
* SECURITY UPDATE: XIPassiveUngrabDevice out-of-bounds access
- debian/patches/CVE-2022-46341.patch: disallow passive grabs with a
detail > 255 in Xi/xipassivegrab.c.
- CVE-2022-46341
* SECURITY UPDATE: XvdiSelectVideoNotify use-after-free
- debian/patches/CVE-2022-46342.patch: free the XvRTVideoNotify when
turning off from the same client in Xext/xvmain.c.
- CVE-2022-46342
* SECURITY UPDATE: ScreenSaverSetAttributes use-after-free
- debian/patches/CVE-2022-46343.patch: free the screen saver resource
when replacing it in Xext/saver.c.
- CVE-2022-46343
* SECURITY UPDATE: XIChangeProperty out-of-bounds access
- debian/patches/CVE-2022-46344-1.patch: return an error from XI
property changes if verification failed in Xi/xiproperty.c.
- debian/patches/CVE-2022-46344-2.patch: avoid integer truncation in
length check of ProcXIChangeProperty in Xi/xiproperty.c.
- CVE-2022-46344
* SECURITY UPDATE: XkbGetKbdByName use-after-free
- debian/patches/CVE-2022-4283.patch: reset the radio_groups pointer to
NULL after freeing it in xkb/xkbUtils.c.
- CVE-2022-4283
-- Marc Deslauriers <email address hidden> Wed, 07 Dec 2022 09:15:34 -0500
xorg-server-hwe-18.04 (2:1.20.8-2ubuntu2.2~18.04.8) bionic-security; urgency=medium
* SECURITY UPDATE: GetCountedString Buffer Overflow
- debian/patches/CVE-2022-3550.patch: add a check for client->req_len
size for _GetCountedString in xkb/xkb.c.
- CVE-2022-3550
* SECURITY UPDATE: ProcXkbGetKbdByName Memory Leak
- debian/patches/CVE-2022-3551.patch: add calls to free allocated
memory if the execution reaches failures in ProcXkbGetKbdByName
in xkb/xkb.c.
- CVE-2022-3551
-- Rodrigo Figueiredo Zaiden <email address hidden> Tue, 22 Nov 2022 11:43:23 -0300
xorg-server-hwe-18.04 (2:1.20.8-2ubuntu2.2~18.04.7) bionic-security; urgency=medium
* SECURITY UPDATE: ProcXkbSetGeometry Out-Of-Bounds Access
- debian/patches/CVE-2022-2319-pre1.patch: switch to array index loops
to moving pointers in xkb/xkb.c.
- debian/patches/CVE-2022-2319.patch: add request length validation for
XkbSetGeometry in xkb/xkb.c.
- CVE-2022-2319
* SECURITY UPDATE: ProcXkbSetDeviceInfo Out-Of-Bounds Access
- debian/patches/CVE-2022-2320.patch: swap XkbSetDeviceInfo and
XkbSetDeviceInfoCheck in xkb/xkb.c.
- CVE-2022-2320
-- Marc Deslauriers <email address hidden> Wed, 06 Jul 2022 10:40:21 -0400
xorg-server-hwe-18.04 (2:1.20.8-2ubuntu2.2~18.04.6) bionic-security; urgency=medium
* SECURITY UPDATE: SProcRenderCompositeGlyphs out-of-bounds access
- debian/patches/CVE-2021-4008.patch: check lengths in render/render.c.
- CVE-2021-4008
* SECURITY UPDATE: SProcXFixesCreatePointerBarrier out-of-bounds access
- debian/patches/CVE-2021-4009.patch: use sizes in xfixes/cursor.c.
- CVE-2021-4009
* SECURITY UPDATE: SProcScreenSaverSuspend out-of-bounds access
- debian/patches/CVE-2021-4010.patch: fix logic in Xext/saver.c.
- CVE-2021-4010
* SECURITY UPDATE: SwapCreateRegister out-of-bounds access
- debian/patches/CVE-2021-4011.patch: fix length in record/record.c.
- CVE-2021-4011
-- Marc Deslauriers <email address hidden> Tue, 14 Dec 2021 09:34:57 -0500
xorg-server-hwe-18.04 (2:1.20.8-2ubuntu2.2~18.04.5) bionic-security; urgency=medium
* SECURITY UPDATE: XChangeFeedbackControl Integer Underflow
- debian/patches/CVE-2021-3472.patch: add check to Xi/chgfctl.c.
- CVE-2021-3472
-- Marc Deslauriers <email address hidden> Thu, 08 Apr 2021 09:40:27 -0400
Available diffs
xorg-server-hwe-18.04 (2:1.20.8-2ubuntu2.2~18.04.4) bionic-security; urgency=medium
* SECURITY UPDATE: out of bounds memory accesses on too short request
- debian/patches/CVE-2020-14360.patch: check SetMap request length
carefully in xkb/xkb.c.
- CVE-2020-14360
* SECURITY UPDATE: multiple heap overflows
- debian/patches/CVE-2020-25712.patch: add bounds checks in xkb/xkb.c.
- CVE-2020-25712
-- Marc Deslauriers <email address hidden> Mon, 30 Nov 2020 12:59:23 -0500
xorg-server-hwe-18.04 (2:1.20.8-2ubuntu2.2~18.04.3) bionic-security; urgency=medium
* SECURITY UPDATE: Out-Of-Bounds access in XkbSetNames function
- debian/patches/CVE-2020-14345.patch: correct bounds checking in
xkb/xkb.c.
- CVE-2020-14345
-- Marc Deslauriers <email address hidden> Fri, 04 Sep 2020 09:36:23 -0400
Available diffs
xorg-server-hwe-18.04 (2:1.20.8-2ubuntu2.2~18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: Integer underflow in the X input extension protocol
- debian/patches/CVE-2020-14346.patch: properly calculate length in
Xi/xichangehierarchy.c.
- CVE-2020-14346
* SECURITY UPDATE: server memory leak
- debian/patches/CVE-2020-14347.patch: initialize memory in
dix/pixmap.c.
- CVE-2020-14347
* SECURITY UPDATE: Integer Underflow Privilege Escalation
- debian/patches/CVE-2020-14361.patch: fix dataLeft calculation in
xkb/xkbSwap.c.
- CVE-2020-14361
* SECURITY UPDATE: Integer Underflow Privilege Escalation
- debian/patches/CVE-2020-14362.patch: properly calculate lengths in
record/record.c.
- CVE-2020-14362
-- Marc Deslauriers <email address hidden> Mon, 31 Aug 2020 10:22:35 -0400
Available diffs
xorg-server-hwe-18.04 (2:1.20.8-2ubuntu2.2~18.04.1) bionic; urgency=medium * Backport to 18.04. (LP: #1883497) -- Timo Aaltonen <email address hidden> Fri, 03 Jul 2020 10:00:25 +0300
Available diffs
xorg-server-hwe-18.04 (2:1.20.8-2ubuntu2.1~18.04.1) bionic; urgency=medium * Backport for 18.04.5 HWE stack update. (LP: #1876882) * control: Relax debhelper requirement. * control: Relax libepoxy-dev requirement, we don't need EGL_MESA_query_driver on bionic. * rules: xdmx-tools isn't packaged, so don't try to skip it. -- Timo Aaltonen <email address hidden> Thu, 14 May 2020 22:05:06 +0300
Available diffs
xorg-server-hwe-18.04 (2:1.20.5+git20191008-0ubuntu1~18.04.1) bionic; urgency=medium * Backport for 18.04.4 HWE stack update. (LP: #1848522) -- Timo Aaltonen <email address hidden> Wed, 18 Dec 2019 10:15:29 +0200
| Superseded in bionic-proposed |
xorg-server-hwe-18.04 (2:1.20.4-1ubuntu3~18.04.2) bionic; urgency=medium
* dri2-set-fallback-names-amd-intel.diff: Use a fallback driver for
AMD and Intel. (LP: #1845149)
-- Timo Aaltonen <email address hidden> Tue, 24 Sep 2019 12:42:06 +0300
Available diffs
xorg-server-hwe-18.04 (2:1.20.4-1ubuntu3~18.04.1) bionic; urgency=medium * Backport for 18.04.3 HWE stack update. (LP: #1824111) -- Timo Aaltonen <email address hidden> Thu, 02 May 2019 11:06:54 +0300
Available diffs
xorg-server-hwe-18.04 (2:1.20.1-3ubuntu2.1~18.04.1) bionic; urgency=medium * Backport for 18.04.2 HWE stack update. (LP: #1798597) -- Timo Aaltonen <email address hidden> Tue, 27 Nov 2018 19:27:12 +0200
| 1 → 16 of 16 results | First • Previous • Next • Last |
