X.Org Server: Multiple vulnerabilities — GLSA 201710-30

Multiple vulnerabilities have been found in X.Org Server the worst of which could allow a local attacker to replace shared memory segments.

Affected packages

x11-base/xorg-server on all architectures
Affected versions < 1.19.4
Unaffected versions >= 1.19.4

Background

The X.Org project provides an open source implementation of the X Window System.

Description

Multiple vulnerabilities have been discovered in X.Org Server. Please review the referenced CVE identifiers for details.

Impact

A local attacker could cause a global buffer overflow or a Denial of Service condition.

Workaround

There is no known workaround at this time

Resolution

All X.Org Server users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=x11-base/xorg-server-1.19.4"
 

References

Release date
October 29, 2017

Latest revision
October 29, 2017: 1

Severity
normal

Exploitable
local

Bugzilla entries