Attachment #230708 for bug #260526




  <vuln vid="bd9fbd0e-6d8f-11ec-94bc-47e49b90f288">
    <topic>xorg-server -- Multiple vulnerabilities (out-of-bounds access)</topic>
    <affects>
      <package>
	<name>xorg-server</name>
	<range><lt>1.20.14,1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The X.org security team reports:</p>
	<blockquote cite="https://lists.x.org/archives/xorg-announce/2021-December/003122.html">
	  <p>SProcRenderCompositeGlyphs out-of-bounds access:
            <br />The handler for the CompositeGlyphs request of the Render
            extension does not properly validate the request length leading
            to out of bounds memory write.</p>
	  <p>SProcXFixesCreatePointerBarrier out-of-bounds access:
            <br />The handler for the CreatePointerBarrier request of the
            XFixes extension does not properly validate the request length
            leading to out of bounds memory write.</p>
	  <p>SProcScreenSaverSuspend out-of-bounds access:
            <br />The handler for the Suspend request of the Screen Saver
            extension does not properly validate the request length leading
            to out of bounds memory write.</p>
	  <p>SwapCreateRegister out-of-bounds access:
            <br />The handlers for the RecordCreateContext and
            RecordRegisterClients requests of the Record extension do not
            properly validate the request length leading to out of bounds
            memory write.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-4008</cvename>
      <cvename>CVE-2021-4009</cvename>
      <cvename>CVE-2021-4010</cvename>
      <cvename>CVE-2021-4011</cvename>
      <url>https://lists.x.org/archives/xorg-announce/2021-December/003122.html</url>
    </references>
    <dates>
      <discovery>2021-12-14</discovery>
      <entry>2022-01-04</entry>
    </dates>
  </vuln>


Lines 19-24 Link Here

(-)b/security/vuxml/vuln.xml (+2 lines)
19	<!ENTITY vuln-2019 SYSTEM "vuln-2019.xml">	19	<!ENTITY vuln-2019 SYSTEM "vuln-2019.xml">
20	<!ENTITY vuln-2020 SYSTEM "vuln-2020.xml">	20	<!ENTITY vuln-2020 SYSTEM "vuln-2020.xml">
21	<!ENTITY vuln-2021 SYSTEM "vuln-2021.xml">	21	<!ENTITY vuln-2021 SYSTEM "vuln-2021.xml">
		22	<!ENTITY vuln-2022 SYSTEM "vuln-2022.xml">
22	]>	23	]>
23	<!--	24	<!--
24	Copyright 2003-2021 Jacques Vidrine and contributors	25	Copyright 2003-2021 Jacques Vidrine and contributors
Lines 77-82 Notes: Link Here
77	* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)	78	* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
78	-->	79	-->
79	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">	80	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
		81	&vuln-2022;
80	&vuln-2021;	82	&vuln-2021;
81	&vuln-2020;	83	&vuln-2020;
82	&vuln-2019;	84	&vuln-2019;

Return to bug 260526

Added Link Here

(-)b/security/vuxml/vuln-2022.xml (+45 lines)
1	<vuln vid="bd9fbd0e-6d8f-11ec-94bc-47e49b90f288">
2	<topic>xorg-server -- Multiple vulnerabilities (out-of-bounds access)</topic>
3	<affects>
4	<package>
5	<name>xorg-server</name>
6	<range><lt>1.20.14,1</lt></range>
7	</package>
8	</affects>
9	<description>
10	<body xmlns="http://www.w3.org/1999/xhtml">
11	<p>The X.org security team reports:</p>
12	<blockquote cite="https://lists.x.org/archives/xorg-announce/2021-December/003122.html">
13	<p>SProcRenderCompositeGlyphs out-of-bounds access:
14	<br />The handler for the CompositeGlyphs request of the Render
15	extension does not properly validate the request length leading
16	to out of bounds memory write.</p>
17	<p>SProcXFixesCreatePointerBarrier out-of-bounds access:
18	<br />The handler for the CreatePointerBarrier request of the
19	XFixes extension does not properly validate the request length
20	leading to out of bounds memory write.</p>
21	<p>SProcScreenSaverSuspend out-of-bounds access:
22	<br />The handler for the Suspend request of the Screen Saver
23	extension does not properly validate the request length leading
24	to out of bounds memory write.</p>
25	<p>SwapCreateRegister out-of-bounds access:
26	<br />The handlers for the RecordCreateContext and
27	RecordRegisterClients requests of the Record extension do not
28	properly validate the request length leading to out of bounds
29	memory write.</p>
30	</blockquote>
31	</body>
32	</description>
33	<references>
34	<cvename>CVE-2021-4008</cvename>
35	<cvename>CVE-2021-4009</cvename>
36	<cvename>CVE-2021-4010</cvename>
37	<cvename>CVE-2021-4011</cvename>
38	<url>https://lists.x.org/archives/xorg-announce/2021-December/003122.html</url>
39	</references>
40	<dates>
41	<discovery>2021-12-14</discovery>
42	<entry>2022-01-04</entry>
43	</dates>
44	</vuln>
45