AVG-341

Package xorg-server
Status Fixed
Severity High
Type multiple issues
Affected 1.19.3-2
Fixed 1.19.3-3
Current 1.20.4-1 [extra]
Ticket None
Created Thu Jul 6 14:24:43 2017
Issue Severity Remote Type Description
CVE-2017-10972 High Yes Information disclosure
Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server on v1.19.3 and before allowed authenticated malicious users to...
CVE-2017-10971 High Yes Arbitrary code execution
In the X.Org X server on v.1.19.3, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack...
Date Advisory Package Description
14 Aug 2017 ASA-201708-11 xorg-server multiple issues
References
https://bugzilla.suse.com/show_bug.cgi?id=1035283
Notes
Fixes are already in master, but no release is tagged yet.