X.Org Server: Multiple vulnerabilities — GLSA 201711-05

Multiple vulnerabilities have been found in X.Org Server, the worst of which could allow an attacker to execute arbitrary code.

Affected packages

x11-base/xorg-server on all architectures
Affected versions < 1.19.5
Unaffected versions >= 1.19.5

Background

The X.Org project provides an open source implementation of the X Window System.

Description

Multiple vulnerabilities have been discovered in X.Org Server. Please review the referenced CVE identifiers for details.

Impact

Attackers could execute arbitrary code or cause a Denial of Service condition.

Workaround

There is now know workaround at this time.

Resolution

All X.Org Server users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=x11-base/xorg-server-1.19.5"
 

References

Release date
November 10, 2017

Latest revision
November 10, 2017: 1

Severity
normal

Exploitable
remote

Bugzilla entries