Overview

File _patchinfo of Package patchinfo.27011

<patchinfo incident="27011">
  <issue tracker="cve" id="2022-46340"/>
  <issue tracker="cve" id="2022-46342"/>
  <issue tracker="cve" id="2022-46341"/>
  <issue tracker="cve" id="2022-46343"/>
  <issue tracker="cve" id="2022-46344"/>
  <issue tracker="cve" id="2022-4283"/>
  <issue tracker="bnc" id="1205877">VUL-0: EMBARGOED: CVE-2022-46341: xorg-x11-server, xwayland: Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381)</issue>
  <issue tracker="bnc" id="1205876">VUL-0: EMBARGOED: CVE-2022-46344: xorg-x11-server, xwayland: Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405)</issue>
  <issue tracker="bnc" id="1205874">VUL-0: EMBARGOED: CVE-2022-46340: xorg-x11-server, xwayland: Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265)</issue>
  <issue tracker="bnc" id="1205875">VUL-0: EMBARGOED: xorg-x11-server, xwayland: no ZDI-CAN id</issue>
  <issue tracker="bnc" id="1205879">VUL-0: EMBARGOED: CVE-2022-46342: xorg-x11-server, xwayland: Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400)</issue>
  <issue tracker="bnc" id="1205878">VUL-0: EMBARGOED: CVE-2022-46343: xorg-x11-server, xwayland: Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404)</issue>
  <issue tracker="bnc" id="1206017">VUL-0: EMBARGOED: CVE-2022-4283: xorg-x11-server, xwayland: XkbGetKbdByName use-after-free (ZDI-CAN-19530)</issue>
  <packager>sndirsch</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for xorg-x11-server</summary>
  <description>This update for xorg-x11-server fixes the following issues:

- CVE-2022-46340: Server XTestSwapFakeInput stack overflow (bsc#1205874)
- CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds access (bsc#1205877)
- CVE-2022-46342: Server XvdiSelectVideoNotify use-after-free (bsc#1205879)
- CVE-2022-46343: Server ScreenSaverSetAttributes use-after-free (bsc#1205878)
- CVE-2022-46344: Server XIChangeProperty out-of-bounds access (bsc#1205876)
- CVE-2022-4283: Reset the radio_groups pointer to NULL after freeing it (bsc#1206017)
- Xi: return an error from XI property changes if verification failed (bsc#1205875)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places