ProHoster > Блог > wararka internetka > X.Org Server 21.1.18 cusboonaysiinta oo leh 6 dayacan oo go'an

X.Org Server 21.1.18 cusboonaysiinta oo leh 6 dayacan oo go'an

Siideynta saxda ah ee X.Org Server 21.1.17 iyo DDX (Qalabka-Ku-tiirsanaanta X) qaybta xwayland 24.1.7 ayaa la daabacay, taas oo hubinaysa in la bilaabay X.Org Server si loo abaabulo fulinta codsiyada X11 ee deegaanka ku salaysan Wayland. Nooca cusub ee X.Org Server wuxuu hagaajiyaa dayacanka 6. Arrimuhu waxay suurtogal u tahay in laga faa'iidaysto si kor loogu qaado mudnaanta nidaamyada halka server-ka X uu u shaqeeyo xidid ahaan, iyo in lagu fuliyo koodka meel fog oo ku saabsan qaabeynta halka gudbinta fadhiga X11 loo isticmaalo helitaanka SSH.

Nuglaanta la aqoonsaday:

  • CVE-2025-49176 - Isku-dhafid xad-dhaaf ah oo horseedaya musuqmaasuqa xusuusta ayaa ka jira hirgelinta kordhinta Codsiyada Weyn, kaas oo u oggolaanaya dirida codsiyada ka weyn 64 kilobytes. Nuglaanta ayaa jirtay tan iyo markii la sii daayay X11R6.0 (1994).
  • CVE-2025-49179 - Isku-darka buuxdhaafka ah ee horseedaya musuqmaasuqa xusuusta ayaa ka jira hirgelinta kordhinta Diiwaanka X marka la dirayo tiro aad u badan oo macmiil ah ama kala duwan. Nuglaanta ayaa jirtay ilaa X11R6.1 (1996).
  • CVE-2025-49180 waa qulqul xad dhaaf ah oo horseedaya musuqmaasuqa xusuusta ee hirgelinta kordhinta RandR. Nuglaanta ayaa muuqata tan iyo markii la sii daayay 1.13 RC1 (2012).
  • CVE-2025-49178 - Suurtagalnimada abuurista xaalad horseedaysa xannibista codsiyada macaamiisha kale. Nuglaanta ayaa is muujisa tan iyo markii la sii daayay Xorg 1.10.0
  • CVE-2025-49175 - Ka baxsan xadka ku akhri kordhinta X Rendering marka la samaynayo hawlgallada cursarada firfircoon. Nuglaanta ayaa jirtay ilaa XFree86 4.3.0 (2003).
  • CVE-2025-49177 - Xogta ka daadanaya fulinta XFIXES kordhinta oo ay sababtay hubin la'aanta cabbirka codsiga macmiilka ee XFixesSetClientDisconnectMode gacan hayaha (macmiilku wuxuu soo diri karaa codsi gaaban oo akhriya xogta codsigii hore. Nuglaanta ayaa iskeed isu muujisa tan iyo markii la sii daayay Xorg Server 21.1 RC1).

Cusbooneysii: Kuleylka ciribta sii deyntan, X.Org Server 21.1.18 iyo xwayland 24.1.8 ayaa la sii daayay, kuwaas oo ay ku jiraan isbedelo dheeraad ah si loo hagaajiyo nuglaanta CVE-2025-49176.

Source: opennet.ru

Add a comment