xorg-x11-server-1.17.4-18.0.1.AXS4

エラータID: AXSA:2020-944:01

リリース日: 
2020/11/24 Tuesday - 04:38
題名: 
xorg-x11-server-1.17.4-18.0.1.AXS4
影響のあるチャネル: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

以下項目について対処しました。
[Security Fix]
- X.Org サーバーの XkbSetNames 関数には境界外アクセスの問題があり、
権限昇格を引き起こす脆弱性があります。(CVE-2020-14345)

- X.Org サーバーの X 入力拡張プロトコルのデコード処理には、
整数アンダーフローの問題があり、任意のメモリアクセスが可能な
脆弱性があります。(CVE-2020-14346)

- X.Org サーバーにはヒープ領域のバッファオーバーフローにつながる
整数アンダーフローの問題があり、権限昇格を引き起こす脆弱性が
あります。(CVE-2020-14361)

- X.Org サーバーには、ヒープバッファオーバーフローにつながる
整数アンダーフローの問題があり、権限昇格を引き起こす脆弱性が
あります。(CVE-2020-14362)

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2020-14345
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14346
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14361
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14362
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. xorg-x11-server-1.17.4-18.0.1.AXS4.src.rpm
    MD5: e57c2225bd30cab2d62d392b08307c08
    SHA-256: 3eb6e66216e68fc1e5115979a10e0c368a20c4f78fb0db0c49c2a9d5c3f15f82
    Size: 5.60 MB

Asianux Server 4 for x86
  1. xorg-x11-server-common-1.17.4-18.0.1.AXS4.i686.rpm
    MD5: b660306ba005bd71fa554c83153a8019
    SHA-256: 009e5c6f8225bb32dfab4e22798b21266d3824cb28e921b8583b0b2767d29979
    Size: 50.68 kB
  2. xorg-x11-server-devel-1.17.4-18.0.1.AXS4.i686.rpm
    MD5: d70440c2140aa706778f54b97dd02cde
    SHA-256: ea5a1afed7f1805c91e1f9b2ea4eb16194c99aabcd7d00900eaa83b260665510
    Size: 257.42 kB
  3. xorg-x11-server-Xephyr-1.17.4-18.0.1.AXS4.i686.rpm
    MD5: 9dabe91885274b8855fc846e429ed55c
    SHA-256: 7b253805594e604743cfb5fa476e4aab07c746d62412f2f09b3d3090a1edda29
    Size: 0.96 MB
  4. xorg-x11-server-Xorg-1.17.4-18.0.1.AXS4.i686.rpm
    MD5: 6391d1088f0f9f21f76ce729d66251a4
    SHA-256: 99808cdf2cc9789754c5de93f458e3926c8c5875f6ae68ab881d9221d81c7dc2
    Size: 1.39 MB

Asianux Server 4 for x86_64
  1. xorg-x11-server-common-1.17.4-18.0.1.AXS4.x86_64.rpm
    MD5: 379cccc6be0e6f9f7837407f79d7672c
    SHA-256: ab8933748c58dfd2d14d3de3545c18e5d4c0dc70337bbae16b15c35eb1e58794
    Size: 50.23 kB
  2. xorg-x11-server-devel-1.17.4-18.0.1.AXS4.x86_64.rpm
    MD5: b0a22ed4b3658e441575ad05ef52e0cc
    SHA-256: 849ff4c996d88cf28fa52f827867db90cbffdeefd1c85c5cda51b44de6e3b825
    Size: 257.00 kB
  3. xorg-x11-server-Xephyr-1.17.4-18.0.1.AXS4.x86_64.rpm
    MD5: f000ed7ed7c5f3c1c9c146ded472db57
    SHA-256: 6d1742aef0274176f7155a187a753769bdcacde61f68a3519cfa8e8f12885ca0
    Size: 0.96 MB
  4. xorg-x11-server-Xorg-1.17.4-18.0.1.AXS4.x86_64.rpm
    MD5: 0be57e52258ab76448d4ce495ce0677d
    SHA-256: 5cd28e3b3f2325c9c0563431b4562267bd75e2a1d61ceb2f6e7e34753c9448b7
    Size: 1.41 MB