maintainer-feedback requested: [Bug 270540] x11-servers/xorg-server: CVE-2023-1393

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 270540] x11-servers/xorg-server: CVE-2023-1393"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 30 Mar 2023 10:46:50 UTC

Bugzilla Automation <bugzilla@FreeBSD.org> has asked freebsd-x11 (Nobody)
<x11@FreeBSD.org> for maintainer-feedback:
Bug 270540: x11-servers/xorg-server: CVE-2023-1393
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270540



--- Description ---
xorg-server-21.1.7 have:
ZDI-CAN-19866/CVE-2023-1393: X.Org Server Overlay Window Use-After-Free
Local Privilege Escalation Vulnerability

https://lists.x.org/archives/xorg/2023-March/061312.html

https://cgit.freedesktop.org/xorg/xserver/commit/?id=26ef545b3502f61ca722a7a337
3507e88ef64110

https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3

fixed in version xorg-server 21.1.8