[USN-4656-2] X.Org X Server vulnerabilities
Leonidas S. Barbosa
leo.barbosa at canonical.com
Mon Dec 7 16:12:39 UTC 2020
==========================================================================
Ubuntu Security Notice USN-4656-2
December 07, 2020
xorg-server vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in X.Org X Server.
Software Description:
- xorg-server: X.Org X11 server
Details:
USN-4656-1 fixed several vulnerabilities in X.Org. This update provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Jan-Niklas Sohn discovered that the X.Org X Server XKB extension
incorrectly handled certain inputs. A local attacker could possibly use
this issue to escalate privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
xserver-xorg-core 2:1.15.1-0ubuntu2.11+esm3
After a standard system update you need to reboot your computer to make all
the necessary changes.
References:
https://usn.ubuntu.com/4656-2
https://usn.ubuntu.com/4656-1
CVE-2020-14360, CVE-2020-25712
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20201207/242ad4d1/attachment.sig>
More information about the ubuntu-security-announce
mailing list