ProHoster > Blog > nkhani zapaintaneti > Kusintha kwa X.Org Server 21.1.16 ndi zovuta 8 zokhazikika

Kusintha kwa X.Org Server 21.1.16 ndi zovuta 8 zokhazikika

Zowongolera za X.Org Server 21.1.16 ndi DDX (Device-Dependent X) chigawo cha xwayland 24.1.6 zasindikizidwa, zomwe zimatsimikizira kukhazikitsidwa kwa X.Org Server pokonzekera kukhazikitsidwa kwa mapulogalamu a X11 m'malo ozikidwa ku Wayland. Mtundu watsopano wa X.Org Server umakonza zovuta 8. Nkhanizi zitha kugwiritsidwa ntchito kuti ziwonjezere mwayi pamakina omwe seva ya X ikugwira ntchito ngati mizu, ndikuyika ma code patali pamasinthidwe pomwe kutumiza kwa gawo la X11 kumagwiritsidwa ntchito kudzera pa SSH.

Zowopsa zomwe zidazindikirika:

  • CVE-2025-26594 - Chiwopsezo chogwiritsa ntchito pambuyo paulere muzowongolera zenera. Chiwopsezocho chinayamba kale X11R6.6 isanatulutsidwe mu 2001.
  • CVE-2025-26595 - Kusefukira kwa buffer kulipo mu XkbVModMaskText() ntchito yoyambitsidwa ndi kukopera mayina osintha mu buffer yokhazikika osayang'ana bwino kukula kwake. Chiwopsezo chakhalapo kuyambira X11R6.1 (1996).
  • CVE-2025-26596 - Kusefukira kwa bafa kulipo mu XkbWriteKeySyms() ntchito, chifukwa cha kukula kowerengedwa ndi XkbSizeKeySyms() ntchito yosagwirizana ndi kukula kwa data yolembedwa ndi XkbWriteKeySyms() ntchito. Kusatetezeka kwakhalapo kuyambira mtundu woyamba wa xkb.c, womwe unaphatikizidwa mu X11R6 (1994).
  • CVE-2025-26597 - Buffer kusefukira mu ntchito ya XkbChangeTypesOfKey() chifukwa chogwiritsa ntchito kukula kwa tebulo la zilembo zolakwika. Chiwopsezo chakhalapo kuyambira pomwe idatulutsidwa X11R6.1 (1996).
  • CVE-2025-26598 - Chiwopsezo chakunja kwa malire chilipo mu CreatePointerBarrierClient(), chifukwa chobweza index yolakwika pamndandanda pakalephera kuyang'ana chida chowongolera cholozera. Chiwopsezo chikuwoneka kuyambira ndi xorg-server 1.14.0 (2013).
  • CVE-2025-26599 - Cholakwika cholozera chosadziwika chimapezeka mu compRedirectWindow() ntchito ngati sizingatheke kugawa kukumbukira kwa bitmap. Chiwopsezo chikuwoneka kuyambira ndi Xorg 6.8.0 (2004)
  • CVE-2025-26600 - Kufikira kukumbukira komwe kudamasulidwa kale mu PlayReleasedEvents () ntchito mukapezanso chipangizo chopachikidwa chomwe sichinasinthidwe. Chiwopsezo chakhalapo kuyambira X11R5 (1991).
  • CVE-2025-26601 - Kufikira kukumbukira komasulidwa kale mu SyncInitTrigger() ntchito. Chiwopsezo chakhalapo kuyambira X11R6 (1994).

Source: opennet.ru

Kuwonjezera ndemanga