Debian 10264 Published by

A xorg-server security update has been released for Debian GNU/Linux 8 Extended LTS to address an incomplete input validation, which could result in privilege escalation.



ELA-328-1 xorg-server security update

Package xorg-server
Version 2:1.16.4-1+deb8u4
Related CVEs CVE-2020-14360 CVE-2020-25712
Jan-Niklas Sohn discovered that the XKB extension of the Xorg X server performed incomplete input validation, which could result in privilege escalation.

For Debian 8 jessie, these problems have been fixed in version 2:1.16.4-1+deb8u4.

We recommend that you upgrade your xorg-server packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-328-1 xorg-server security update