diff options
author | Jan Beich <jbeich@FreeBSD.org> | 2023-02-08 03:33:34 +0000 |
---|---|---|
committer | Jan Beich <jbeich@FreeBSD.org> | 2023-02-08 03:34:57 +0000 |
commit | 01917053f62702138a077d6e153ef34d4a3cbd13 (patch) | |
tree | 91bb3e15efe14ab4558a14e457f6da6c9c4e3ab9 /security | |
parent | d4648c2b92f960d98b9f3d7acaf30fe2318c883f (diff) | |
download | ports-01917053f62702138a077d6e153ef34d4a3cbd13.tar.gz ports-01917053f62702138a077d6e153ef34d4a3cbd13.zip |
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln/2023.xml | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml index 90b6b75e2d17..777942f7d841 100644 --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -1,3 +1,50 @@ + <vuln vid="6cc63bf5-a727-4155-8ec4-68b626475e68"> + <topic>xorg-server -- Security issue in the X server</topic> + <affects> + <package> + <name>xorg-server</name> + <name>xephyr</name> + <name>xorg-vfbserver</name> + <range><lt>21.1.7,1</lt></range> + </package> + <package> + <name>xorg-nestserver</name> + <range><lt>21.1.7,2</lt></range> + </package> + <package> + <name>xwayland</name> + <range><lt>22.1.8,1</lt></range> + </package> + <package> + <name>xwayland-devel</name> + <range><lt>21.0.99.1.386</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The X.org project reports:</p> + <blockquote cite="https://lists.x.org/archives/xorg-announce/2023-February/003320.html"> + <ul> + <li>CVE-2023-0494/ZDI-CAN-19596: X.Org Server DeepCopyPointerClasses + use-after-free + + <p>A dangling pointer in DeepCopyPointerClasses can be exploited by + ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read/write into + freed memory.</p></li> + </ul> + </blockquote> + </body> + </description> + <references> + <url>https://lists.x.org/archives/xorg-announce/2023-February/003320.html</url> + <cvename>CVE-2023-0494</cvename> + </references> + <dates> + <discovery>2023-02-07</discovery> + <entry>2023-02-08</entry> + </dates> + </vuln> + <vuln vid="b34c1947-a749-11ed-b24b-1c61b4739ac9"> <topic>TightVNC -- Muliple Vulnerabilities</topic> <affects> |