ProHoster > Π‘Π»ΠΎΠ³ > xov xwm hauv internet > X.Org Server 21.1.11 hloov tshiab nrog 6 qhov tsis zoo tau kho

X.Org Server 21.1.11 hloov tshiab nrog 6 qhov tsis zoo tau kho

Kho qhov tso tawm ntawm X.Org Server 21.1.11 thiab DDX tivthaiv (Device-Dependent X) xwayland 23.2.4 tau luam tawm, uas ua kom lub community launch ntawm X.Org Server rau kev teeb tsa kev ua tiav ntawm X11 daim ntawv thov hauv Wayland-raws li ib puag ncig. Cov qauv tshiab kho 6 qhov tsis zoo, qee qhov tuaj yeem siv rau kev tsim nyog nce ntxiv ntawm cov tshuab uas X server tab tom khiav hauv paus, nrog rau kev ua haujlwm ntawm cov chaw taws teeb hauv kev teeb tsa uas siv X11 kev hloov pauv ntawm SSH rau kev nkag.

Cov teeb meem tau txheeb xyuas:

  • CVE-2023-6816 - Ib qho tsis sib xws tshwm sim thaum qhov ntsuas qhov ntsuas tsis raug dhau los hauv DeviceFocusEvent thiab ProcXIQueryPointer cov haujlwm. Qhov tsis zoo yog tshwm sim los ntawm qhov tseeb tias X server faib array nco raws li tus naj npawb ntawm cov nyees khawm, thaum qhov kev thov tso cai rau tus nqi txog 255 hauv array. Qhov teeb meem tau tshwm sim txij li thaum tso tawm ntawm xorg-server-1.13.0. .2012 (XNUMX).
  • CVE-2024-0229 Ib qho kev tawm ntawm qhov tsis sib xws sau los ntawm kev rov ua dua rau lwm tus tswv cuab yeej hauv kev teeb tsa uas lub cuab yeej tau nruab nrog cov khoom nkag ntawm chav kawm "khawm" thiab "tus yuam sij" (tus yuam sij), thiab tus lej ntawm nyees khawm (numButtons parameter) yog teem rau 0. Qhov teeb meem tau tshwm sim txij li thaum tso tawm ntawm xorg-server-1.1.1 (2006).
  • CVE-2024-21885 - Ib qho tsis txaus nyob rau hauv XISendDeviceHierarchyEvent muaj nuj nqi tshwm sim thaum lub cuab yeej nrog tus ID muab tshem tawm thiab ib lub cuab yeej nrog tib ID ntxiv rau tib qhov kev thov. Qhov tsis zoo yog tshwm sim los ntawm qhov tseeb tias thaum lub sijhawm ua haujlwm ob zaug rau ib tus cim, ob qho piv txwv ntawm cov qauv xXIHierarchyInfo tau sau ib zaug, thaum XISendDeviceHierarchyEvent muaj nuj nqi faib lub cim xeeb rau ib qho piv txwv. Qhov teeb meem tau tshwm sim txij li thaum tso tawm ntawm xorg-server-1.10.0 (2010).
  • CVE-2024-21886 - Ib qho tsis txaus nyob rau hauv DisableDevice muaj nuj nqi uas tshwm sim thaum tus tswv ntaus ntawv raug xiam oob khab thaum cov khoom siv qhev twb tsis taus lawm. Qhov tsis zoo yog tshwm sim los ntawm kev suav tsis raug ntawm qhov loj ntawm cov qauv rau khaws cov npe ntawm cov khoom siv. Qhov teeb meem tau tshwm sim txij li thaum tso tawm ntawm xorg-server-1.13.0 (2012).
  • CVE-2024-0409, CVE-2024-0408 - SELinux cov ntsiab lus kev noj nyiaj txiag thaum ua kom xserver_object_manager thiab khiav tus neeg siv khoom lossis tsim GLX PBuffer.

Tau qhov twg los: opennet.ru

Ntxiv ib saib