Your message dated Tue, 29 Oct 2024 21:38:03 +0000
with message-id <e1t5tud-007wgd...@fasolo.debian.org>
and subject line Bug#1086244: fixed in xorg-server 2:21.1.13-3.1
has caused the Debian Bug report #1086244,
regarding xorg-server: CVE-2024-9632
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1086244: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086244
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: xorg-server
Version: 2:21.1.13-2
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: Julien Cristau <jcris...@debian.org>, car...@debian.org, Debian
Security Team <t...@security.debian.org>
Control: found -1 2:21.1.7-3+deb12u7
Control: found -1 2:21.1.7-1
Control: fixed -1 2:21.1.7-3+deb12u8
Control: clone -1 -2
Control: reassign -2 src:xwayland 2:24.1.3-1
Control: severity -2 important
Control: retitle -2 xwayland: CVE-2024-9632
Hi,
The following vulnerability was published for xorg-server.
CVE-2024-9632[0]:
| xkb: Fix buffer overflow in _XkbSetCompatMap()
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2024-9632
https://www.cve.org/CVERecord?id=CVE-2024-9632
[1]
https://gitlab.freedesktop.org/xorg/xserver/-/commit/85b776571487f52e756f68a069c768757369bfe3
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: xorg-server
Source-Version: 2:21.1.13-3.1
Done: Salvatore Bonaccorso <car...@debian.org>
We believe that the bug you reported is fixed in the latest version of
xorg-server, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1086...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated xorg-server
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 29 Oct 2024 17:23:02 +0100
Source: xorg-server
Architecture: source
Version: 2:21.1.13-3.1
Distribution: unstable
Urgency: medium
Maintainer: Debian X Strike Force <debia...@lists.debian.org>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Closes: 1086244
Changes:
xorg-server (2:21.1.13-3.1) unstable; urgency=medium
.
* Non-maintainer upload.
* xkb: Fix buffer overflow in _XkbSetCompatMap() (CVE-2024-9632)
(Closes: #1086244)
Checksums-Sha1:
3ffcdab02a283fedca306ed72555eba5a251e567 4387 xorg-server_21.1.13-3.1.dsc
1cfce4ce97201217fe2e794a58a07bfc8766e49e 179046 xorg-server_21.1.13-3.1.diff.gz
Checksums-Sha256:
993c529dfb1467190b885a3542dc0b3c4f3c006e0c8672a59093632f51724448 4387
xorg-server_21.1.13-3.1.dsc
d661ccef75a73dd83c776f8ea175c7969b90e8c1f191a39a42f48c7deec5c5ed 179046
xorg-server_21.1.13-3.1.diff.gz
Files:
d65e215ac180c0b6aa61d6f5bfd07a18 4387 x11 optional xorg-server_21.1.13-3.1.dsc
731438ce98a7d29ede5f5f813d58e8b8 179046 x11 optional
xorg-server_21.1.13-3.1.diff.gz
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmchDTpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89ESNoP/iwXNmkiMMKsksimHsZ1sazVxCXPqPcy
USucg3k34nwQ4pldMe1M3CsYK6kTK5tGCljFIPJyzkudVeh7vstCScIvDAh2gyJw
z8IuSiDZCrTrh6EVd+V7rYLHyn59co/nNjEvTNTF3YVDD9Ku7hWy4MHDFBXdnIcY
5erSWnjo1gpE4/Hzn982TwGkeNG+MhMmb0ohOpMliHC7tZagjLrWp/xqCUexIry0
u1emqjRaG/JYMl+hbX3zJ79DAsi+lVBnoVWuUkcvfdiD7gxpAPFcK3uiSqZppRvf
uLvLsTs+k/n9CAs3A2t8/QA2Dlz48KA2ibrNI8zt4JjmrI7Yyn3O6Cxq6qlzFV5V
97zhu9o8mnbkdy8TNMSjTTTbTh1SrYbH0sSo0+X8i9Uc9gNmFVTbbKkdZNJbRXw+
ynWecthrK92i6oco7dONsm+Kv0pcx3V5I2BdpMkLPLsdffQfIZJwe7h4E49KUP1t
82rTxpeJ5o4PMFVtSMjNEQGPjnWd+j5WLCSOQQL6SStX+DWQOolvtzGl28cDDchz
gFad/vfTTvdciJlGiAfzldqXhD5eI/U+KFaZY77YgjCwCY6wP9OvpZRiSVy2IcFz
KYssMzO55uMXxeQli/0UqcrPGfD57eOIHL8r0rOpq27UEjdW4b/xL/2CrBrtF908
GXzJr7QJ+/u7
=Rkou
-----END PGP SIGNATURE-----
pgptSOVfaYP6d.pgp
Description: PGP signature
--- End Message ---
