SUSE-SU-2018:3456-1

UNKNOWN

Security update for xorg-x11-server

Published Oct 25, 2018

Modified 7 years ago

Fix available

Details

This update for xorg-x11-server provides the following fix:

Security issue fixed:

CVE-2018-14665: Local attackers could overwrite system files in any directory using the -logfile option and gain privileges (bsc#1111697)

Non security issues fixed:

Do not write past the allocated buffer. (bsc#1078383)

Affected Packages

xorg-x11-Xvnc

SUSE Linux Enterprise Point of Sale 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4

Fixed in:

7.4-27.122.21.1

xorg-x11-server

Fixed in:

7.4-27.122.21.1

xorg-x11-server-extra

Fixed in:

7.4-27.122.21.1

xorg-x11-server-sdk

SUSE Linux Enterprise Software Development Kit 11 SP4

Fixed in:

7.4-27.122.21.1

References

REPORT

https://bugzilla.suse.com/1078383

REPORT

https://bugzilla.suse.com/1111697

WEB

https://www.suse.com/security/cve/CVE-2018-14665

ADVISORY

https://www.suse.com/support/update/announcement/2018/suse-su-20183456-1/

Upstream

CVE-2018-14665

Ecosystems(6)

SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4

Timeline

PublishedOct 25, 2018

ModifiedOct 25, 2018

SUSE-SU-2018:3456-1 | Mondoo Vulnerability Intelligence