[Git][security-tracker-team/security-tracker][master] new xorg-server issues

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
01095530 by Moritz Muehlenhoff at 2022-07-12T15:22:20+02:00
new xorg-server issues

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1001,10 +1001,16 @@ CVE-2022-35217
 	RESERVED
 CVE-2022-35216
 	RESERVED
-CVE-2022-2320
+CVE-2022-2320 [ZDI-CAN-16070: X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access]
 	RESERVED
-CVE-2022-2319
+	- xorg-server <unfixed>
+	NOTE: https://github.com/freedesktop/xorg-xserver/commit/dd8caf39e9e15d8f302e54045dd08d8ebf1025dc
+	NOTE: https://www.openwall.com/lists/oss-security/2022/07/12/1
+CVE-2022-2319 [ZDI-CAN-16062: X.Org Server ProcXkbSetGeometry Out-Of-Bounds Access]
 	RESERVED
+	- xorg-server <unfixed>
+	NOTE: https://github.com/freedesktop/xorg-xserver/commit/6907b6ea2b4ce949cb07271f5b678d5966d9df42
+	NOTE: https://www.openwall.com/lists/oss-security/2022/07/12/1
 CVE-2022-2317
 	RESERVED
 CVE-2022-2316 (HTML injection vulnerability in secure messages of Devolutions Server  ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -75,3 +75,5 @@ wpewebkit/stable (berto)
 --
 xen (jmm)
 --
+xorg-server
+--



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0109553026b997d3c62660e088af7a3d0045cbd1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0109553026b997d3c62660e088af7a3d0045cbd1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220712/5401cb6e/attachment-0001.htm>