xorg-x11-server-1.20.11-5.el8, xorg-x11-server-Xwayland-21.1.3-2.el8

エラータID: AXSA:2022-3547:01

Release date: 
Thursday, July 14, 2022 - 14:11
Subject: 
xorg-x11-server-1.20.11-5.el8, xorg-x11-server-Xwayland-21.1.3-2.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

X.Org is an open-source implementation of the X Window System. It provides the
basic low-level functionality that full-fledged graphical user interfaces are
designed upon.

Xwayland is an X server for running X clients under Wayland.

The following packages have been upgraded to a later upstream version:
xorg-x11-server-Xwayland (21.1.3).

Security Fix(es):

* xorg-x11-server: SProcRenderCompositeGlyphs out-of-bounds access
(CVE-2021-4008)
* xorg-x11-server: SProcXFixesCreatePointerBarrier out-of-bounds access
(CVE-2021-4009)
* xorg-x11-server: SProcScreenSaverSuspend out-of-bounds access
(CVE-2021-4010)
* xorg-x11-server: SwapCreateRegister out-of-bounds access (CVE-2021-4011)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

Additional Changes:

Update the version to xorg-x11-server-1.20.11-5.el8, xorg-x11-server-Xwayland-21.1.3-2.el8.

CVE-2021-4008
A flaw was found in xorg-x11-server in versions before 21.1.2 and before
1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs
function. The highest threat from this vulnerability is to data confidentiality
and integrity as well as system availability.
CVE-2021-4009
A flaw was found in xorg-x11-server in versions before 21.1.2 and before
1.20.14. An out-of-bounds access can occur in the
SProcXFixesCreatePointerBarrier function. The highest threat from this
vulnerability is to data confidentiality and integrity as well as system
availability.
CVE-2021-4010
A flaw was found in xorg-x11-server in versions before 21.1.2 and before
1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend
function. The highest threat from this vulnerability is to data confidentiality
and integrity as well as system availability.
CVE-2021-4011
A flaw was found in xorg-x11-server in versions before 21.1.2 and before
1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function.
The highest threat from this vulnerability is to data confidentiality and
integrity as well as system availability.

Solution: 

Update packages.

CVEs: 
CVE-2021-4008
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-4009
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-4010
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-4011
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Additional Info: 

N/A

Download: 

SRPMS
  1. xorg-x11-server-1.20.11-5.el8.src.rpm
    MD5: 0cd7291cc83dd2be5816b05e68931c99
    SHA-256: a55f41b321881f05f3e96ca13f17c3695015c7969088e0244fff0fa4da9a9368
    Size: 6.23 MB
  2. xorg-x11-server-Xwayland-21.1.3-2.el8.src.rpm
    MD5: 6a01e3bf954bd4f3949a239d594c3add
    SHA-256: 79898cf728bb95a706a2961421d053f8e6282ea87dc3815c19c8d0f4ca5f273e
    Size: 1.22 MB

Asianux Server 8 for x86_64
  1. xorg-x11-server-Xdmx-1.20.11-5.el8.x86_64.rpm
    MD5: 29b85083b8e777f1796a98100db9b32b
    SHA-256: a8e27a5a0cab855f3c326a1019244e8fe0eb511f3e284dd828362c4d30860131
    Size: 900.07 kB
  2. xorg-x11-server-Xephyr-1.20.11-5.el8.x86_64.rpm
    MD5: b84779f70715384eb5ba0d0a53bc0784
    SHA-256: 9da686eaf29947c994e93953aa5d9eb9834d42f13a5d6b0964217d42f899c6e3
    Size: 1.00 MB
  3. xorg-x11-server-Xnest-1.20.11-5.el8.x86_64.rpm
    MD5: f91140a38d071fd858a2ac85945829bc
    SHA-256: e8cfff5293943f233b7b859ce4c022276d22c545b41355f2bf326650c26f8f94
    Size: 717.22 kB
  4. xorg-x11-server-Xorg-1.20.11-5.el8.x86_64.rpm
    MD5: ee1886c2baaaa0af27f13f5ab46ecf4e
    SHA-256: fe5c7f9ad8f3d352ccfdf1fe628acd925769cc5fd60c81ffdc0175cb0629deb7
    Size: 1.49 MB
  5. xorg-x11-server-Xvfb-1.20.11-5.el8.x86_64.rpm
    MD5: 59f5b3f38e65011c562e7bf505a5f161
    SHA-256: 226139fb8174d01e0a1feb3bb8e45aa8daaa279a314cb2fc3400f977441301b6
    Size: 870.02 kB
  6. xorg-x11-server-common-1.20.11-5.el8.x86_64.rpm
    MD5: 3e0c4d5a91ef1c11b60a328d443078ec
    SHA-256: 6d89beb673a566ee65c9c4f7e151ff27b67c19ca279c217aa8800bc207920a84
    Size: 41.50 kB
  7. xorg-x11-server-devel-1.20.11-5.el8.x86_64.rpm
    MD5: 8ea4268a2a71f4583440a5746c073f93
    SHA-256: 2484ef34fce125a4ba973927d3ef79bca4079255b455e7efac7e64724a29d117
    Size: 245.48 kB
  8. xorg-x11-server-source-1.20.11-5.el8.noarch.rpm
    MD5: 3b206fea79b0ba7d8b3af7daf1c2a635
    SHA-256: ef6338d94b487fc94ab09e3aa9c8a326185542cd0a3c978b4c8e22b2b1995afc
    Size: 2.43 MB
  9. xorg-x11-server-Xwayland-21.1.3-2.el8.x86_64.rpm
    MD5: 2aa210453541e54341696356747550c1
    SHA-256: cc5099ae6b236c9a11409d079e2dab34afcf97fad6122d9dca4556bf4ba6152f
    Size: 962.09 kB
  10. xorg-x11-server-devel-1.20.11-5.el8.i686.rpm
    MD5: 78b4ec93b2f9ef043aa17aeea3e5acec
    SHA-256: 63d8cd306d56d0419bba119435bdc6ac6760d48d0a11b041a48f2bc6c7799d82
    Size: 245.52 kB