A xorg-server security update has been released for Debian GNU/Linux 8 Extended LTS to address multiple input validation failures.
ELA-534-1 xorg-server security update
Package xorg-server
ELA-534-1 xorg-server security update
Version 2:1.16.4-1+deb8u6
Related CVEs CVE-2021-4008 CVE-2021-4009 CVE-2021-4011
Jan-Niklas Sohn discovered that multiple input validation failures in X server extensions of the X.org X server may result in privilege escalation if the X server is running privileged.
For Debian 8 jessie, these problems have been fixed in version 2:1.16.4-1+deb8u6.
We recommend that you upgrade your xorg-server packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
