Fedora Linux 8810 Published by

A xorg-x11-server security update has been released for Fedora 35.



SECURITY: Fedora 35 Update: xorg-x11-server-1.20.14-1.fc35


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-a7fd510294
2021-12-19 01:09:40.730823
--------------------------------------------------------------------------------

Name : xorg-x11-server
Product : Fedora 35
Version : 1.20.14
Release : 1.fc35
URL :   http://www.x.org
Summary : X.Org X11 X server
Description :
X.Org X11 X server

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2021-4008, CVE-2021-4009, CVE-2021-4010, CVE-2021-4011
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 17 2021 Olivier - 1.20.14-1
- xserver 1.20.14
CVE-2021-4008/ZDI-CAN-14192 (#2026059, #2032941)
CVE-2021-4009/ZDI-CAN-14950 (#2026072, #2032943)
CVE-2021-4010/ZDI-CAN-14951 (#2026073, #2032944)
CVE-2021-4011/ZDI-CAN-14952 (#2026074, #2032945)
* Tue Sep 14 2021 Sahana Prasad - 1.20.11-3
- Rebuilt with OpenSSL 3.0.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2026059 - CVE-2021-4008 xorg-x11-server: SProcRenderCompositeGlyphs out-of-bounds access
  https://bugzilla.redhat.com/show_bug.cgi?id=2026059
[ 2 ] Bug #2026072 - CVE-2021-4009 xorg-x11-server: SProcXFixesCreatePointerBarrier out-of-bounds access
  https://bugzilla.redhat.com/show_bug.cgi?id=2026072
[ 3 ] Bug #2026073 - CVE-2021-4010 xorg-x11-server: SProcScreenSaverSuspend out-of-bounds access
  https://bugzilla.redhat.com/show_bug.cgi?id=2026073
[ 4 ] Bug #2026074 - CVE-2021-4011 xorg-x11-server: SwapCreateRegister out-of-bounds access
  https://bugzilla.redhat.com/show_bug.cgi?id=2026074
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-a7fd510294' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________