Debian Security Advisory 4920-1

Debian Security Advisory 4920-1: Posted May 28, 2021; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4920-1 - Roman Fiedler reported that missing length validation in various functions provided by libx11, the X11 client-side library, allow to inject X11 protocol commands on X clients, leading to authentication bypass, denial of service or potentially the execution of arbitrary code.; tags | advisory, denial of service, arbitrary, protocol; systems | linux, debian; advisories | CVE-2021-31535; SHA-256 | 4394a56178b38b24b98deb1792eadb7d5bae57faddf795c0673c26d8cf9b1b4f; Download | Favorite | View

Debian Security Advisory 4920-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4920-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 24, 2021                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libx11
CVE ID         : CVE-2021-31535
Debian Bug     : 988737

Roman Fiedler reported that missing length validation in various
functions provided by libx11, the X11 client-side library, allow
to inject X11 protocol commands on X clients, leading to
authentication bypass, denial of service or potentially the
execution of arbitrary code.

For the stable distribution (buster), this problem has been fixed in
version 2:1.6.7-1+deb10u2.

We recommend that you upgrade your libx11 packages.

For the detailed security status of libx11 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/libx11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmCrUBlfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TLhQ/7BKGG6XKccCp9tE/2doEE3gTORVY8ofgcB7u7BzNzR+B+RM1O81/UY0oA
lhLGrtWzuPs+2aUtv9T+uknWEHOgTNzaGxi7zGh+xo8VxF9z/mYz0mdnSNJ+BR7H
GjzDUQYlHdihyAQR40EfqwQhWkaTgH2bA8bJO9VipdtSagD+SXXsSU4Tu5147p9e
+HWxzmUxRD1D2aEfN3FYx7yZDyFg2QCKz57m0DKxNQNs6sYA/HQtfxDlmfTejWH/
auMVV0+66bBi3VdVLLopy+3scPYDGMNMX34NuL/x+F2ByJmTu+7+O6vCw17IZvRb
kbsrmKPCJoX1hxHTxwcYD/kuXXRLU8MzAerSA+aV8RbQTIhvcfUWr3p2nne2sqcW
5nO0VLQVD+ing+osQaB8dpF8JuE/AyknZpQFKldD6mewjBHz6+wvOtU0Ay/TDTe3
fYCZPAKric/irKUfSf9euGiGJhDOcCl4QtstBzNxC15Lw8t7b4W5VVlGrB/ipzvh
QUsUYjI6OWP+WPLJV1DrPQPVtct7YSNQsZ9da3YZ8/WLC92Om9EOOiZCHqHa8Zd5
yjheHQRp7rnXLGaXxpy25hvtac+RZpNltb3kfqYOwlpV5l0NshJ1iwMmd90ICedK
DMcoKXohHmv6RfY3mo4wh0JOl7iyEauTs+nJ2JfpfI6Z/QQE0Cs=
=Ymz2
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 239 files
indoushka 79 files
Ubuntu 79 files
Debian 22 files
LiquidWorm 20 files
Google Security Research 8 files
Gentoo 7 files
malvuln 6 files
Emiliano Febbi 4 files
Seth Jenkins 4 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,147)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,676)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,132)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,946)
UNIX (9,472)
UnixWare (188)
Windows (6,784)
Other

Debian Security Advisory 4920-1

Debian Security Advisory 4920-1

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4920-1

Share This

Debian Security Advisory 4920-1

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems