Overview

File _patchinfo of Package patchinfo.31076

<patchinfo incident="31076">
  <issue tracker="cve" id="2023-5574"/>
  <issue tracker="cve" id="2023-5380"/>
  <issue tracker="cve" id="2023-5367"/>
  <issue tracker="bnc" id="1216261">VUL-0: EMBARGOED: CVE-2023-5574: xorg-x11-server: Server Damage Object Use-After-Free Local Privilege Escalation Vulnerability</issue>
  <issue tracker="bnc" id="1216133">VUL-0: EMBARGOED: CVE-2023-5380: xorg-x11-server: Use-after-free bug in DestroyWindow</issue>
  <issue tracker="bnc" id="1216135">VUL-0: EMBARGOED: CVE-2023-5367: xorg-x11-server,xwayland,libXrandr,xorg-x11-libXrandr: fix handling of PropModeAppend/Prepend</issue>
  <packager>sndirsch</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for xorg-x11-server</summary>
  <description>This update for xorg-x11-server fixes the following issues:

- CVE-2023-5574: Fixed a privilege escalation issue that could be
  triggered via the Damage extension protocol (bsc#1216261).
- CVE-2023-5380: Fixed a memory safety issue that could be triggered
  when using multiple protocol screens (bsc#1216133).
- CVE-2023-5367: Fixed a memory safety issue in both the XI2 and RandR
  protocols (bsc#1216135).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places