-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4328-1 security@xxxxxxxxxx https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : xorg-server CVE ID : CVE-2018-14665 Narendra Shinde discovered that incorrect command-line parameter validation in the Xorg X server may result in arbitary file overwrite, which can result in privilege escalation. For the stable distribution (stretch), this problem has been fixed in version 2:1.19.2-1+deb9u4. We recommend that you upgrade your xorg-server packages. For the detailed security status of xorg-server please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xorg-server Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlvSM2UACgkQEMKTtsN8 Tja9eA/6AoinY8OvykOs6ao2Wp2tsFBJWSZRaKf17oqN0xpGWhpPZwOIMAflroZB i0q6GNXp5Nd3OLI3VEjlZ5BQZuX4UTCkFCdKQs/9g1PZ55tvZSPBbhvsBI74BjZl XfQsTXiyZ/a32OZvVIPFbSVD8fudtav5yKkQf87/3gUSDP6yyqZ1cO1yIz4Cn1kF EPXhBz8Ki/Zh2OzkTohuJrQnHyUqnloSMWtcYszwoXrSr60LOTrNY5Q6lOpY/GNR qqAlBlp1l/4u+iOmoqg8k7EDj+QF54DlawJv8mkYEpJBdmkcGJb8HfkOEnJTq4h/ kvV3yVqdEbjxag6hwLl16Ziv0+NKnUrpFQgurftJ/y0ih5e0BU1cAWFG21HlORbS X2riz9vrtC3aR5VHYUnVODwWmRnjL13DjPI1/w4SPN/Rewo8SNpLPbMM9WyP2dul zXYNwzyexMaxG0TGer70Lnb5jh2kOhy/IE9YoyOw1sGYvCIkUu5Gmra4FGHTA8kT EPRK1wQJjdJKVHO0TkC2lktdISH0vW04QUkneVcU7/MAueGBh7I8OHedFXFhOpPz Ed/T40JRhOkeHU/3ICA12o4kgDImXKgb0FR34+bPBZZpjJF9MM42STXJ2KhI7PXl rzteqmjIpE0gCKdSJ4C+q4NmBz0SWUK8WkZEyZbEUQS2z7nwkTQ= =Q65S -----END PGP SIGNATURE-----