FEDORA-2024-dd905788c4 — security update for xorg-x11-server-Xwayland

unpushed

xorg-x11-server-Xwayland-22.1.9-6.fc38

FEDORA-2024-dd905788c4 created by ofourdan a year ago for Fedora 38

CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31083

This update has been submitted for testing by ofourdan.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'passed'.

a year ago

ofourdan edited this update.

a year ago

ofourdan edited this update.

a year ago

This update has been pushed to testing.

a year ago

ofourdan commented & provided feedback a year ago

Unpush, something fishy, see https://gitlab.freedesktop.org/xorg/xserver/-/issues/1659

ofourdan commented a year ago

This update has been unpushed.

Please log in to add feedback.

Metadata

Type

security

Severity

high

Karma

Signed

Content Type

RPM

Test Gating

passed

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

14 days

Thresholds

Minimum Karma

Minimum Testing

14 days

Dates

submitted

a year ago

in testing

a year ago

modified

a year ago

Builds

xorg-x11-server-Xwayland-22.1.9-6.fc38

BZ#2271997 CVE-2024-31080 xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents

BZ#2271998 CVE-2024-31081 xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice

BZ#2272000 CVE-2024-31083 xorg-x11-server: User-after-free in ProcRenderAddGlyphs

BZ#2273316 CVE-2024-31083 xorg-x11-server-Xwayland: xorg-x11-server: User-after-free in ProcRenderAddGlyphs [fedora-all]

BZ#2273321 CVE-2024-31080 xorg-x11-server-Xwayland: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents [fedora-all]

BZ#2273327 CVE-2024-31081 xorg-x11-server-Xwayland: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice [fedora-all]

xorg-x11-server-Xwayland-22.1.9-6.fc38

Automated Test Results

passed