ID de Prueba:	1.3.6.1.4.1.25623.1.1.13.2023.299.02
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2023-299-02)
Resumen:	The remote host is missing an update for the 'xorg-server' package(s) announced via the SSA:2023-299-02 advisory.
Descripción:	Summary: The remote host is missing an update for the 'xorg-server' package(s) announced via the SSA:2023-299-02 advisory. Vulnerability Insight: New xorg-server packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/xorg-server-1.20.14-i586-9_slack15.0.txz: Rebuilt. This update fixes security issues: OOB write in XIChangeDeviceProperty/RRChangeOutputProperty. Use-after-free bug in DestroyWindow. For more information, see: [links moved to references] (* Security fix *) patches/packages/xorg-server-xephyr-1.20.14-i586-9_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xnest-1.20.14-i586-9_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xvfb-1.20.14-i586-9_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xwayland-21.1.4-i586-8_slack15.0.txz: Rebuilt. This update fixes a security issue: OOB write in XIChangeDeviceProperty/RRChangeOutputProperty. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'xorg-server' package(s) on Slackware 15.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-5367 RHBZ#2243091 https://bugzilla.redhat.com/show_bug.cgi?id=2243091 RHSA-2023:6802 https://access.redhat.com/errata/RHSA-2023:6802 RHSA-2023:6808 https://access.redhat.com/errata/RHSA-2023:6808 RHSA-2023:7373 https://access.redhat.com/errata/RHSA-2023:7373 RHSA-2023:7388 https://access.redhat.com/errata/RHSA-2023:7388 RHSA-2023:7405 https://access.redhat.com/errata/RHSA-2023:7405 RHSA-2023:7428 https://access.redhat.com/errata/RHSA-2023:7428 RHSA-2023:7436 https://access.redhat.com/errata/RHSA-2023:7436 RHSA-2023:7526 https://access.redhat.com/errata/RHSA-2023:7526 RHSA-2023:7533 https://access.redhat.com/errata/RHSA-2023:7533 RHSA-2024:0010 https://access.redhat.com/errata/RHSA-2024:0010 RHSA-2024:0128 https://access.redhat.com/errata/RHSA-2024:0128 RHSA-2024:2169 https://access.redhat.com/errata/RHSA-2024:2169 RHSA-2024:2170 https://access.redhat.com/errata/RHSA-2024:2170 RHSA-2024:2995 https://access.redhat.com/errata/RHSA-2024:2995 RHSA-2024:2996 https://access.redhat.com/errata/RHSA-2024:2996 https://access.redhat.com/security/cve/CVE-2023-5367 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RK66CXMXO3PCPDU3GDY5FK4UYHUXQJT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4YBK3I6SETHETBHDETFWM3VSZUQICIDV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO2Q2NP6R62ZRQQG3XQ4AXUT7J2EKKKY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L2RMNR4235YXZZQ2X7Q4MTOZDMZ7BBQU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEDJN4VFN57K5POOC7BNVD6L6WUUCSG6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN6KV4XGQJRVAOSM5C3CWMVAXO53COIP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJXNI4BXURC2BKPNAHFJK3C5ZETB7PER/ https://lists.x.org/archives/xorg-announce/2023-October/003430.html https://security.gentoo.org/glsa/202401-30 https://security.netapp.com/advisory/ntap-20231130-0004/ https://www.debian.org/security/2023/dsa-5534 Common Vulnerability Exposure (CVE) ID: CVE-2023-5380 RHBZ#2244736 https://bugzilla.redhat.com/show_bug.cgi?id=2244736 RHSA-2024:2298 https://access.redhat.com/errata/RHSA-2024:2298 RHSA-2024:3067 https://access.redhat.com/errata/RHSA-2024:3067 https://access.redhat.com/security/cve/CVE-2023-5380
Copyright	Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.