CVE-2012-1093

Published: 21 February 2020

The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.

Priority

CVSS 3 base score: 7.8

Status

Package	Release	Status
xorg Launchpad, Ubuntu, Debian	Upstream	Needed

	Ubuntu 20.10 (Groovy Gorilla)	Needed
	Ubuntu 20.04 LTS (Focal Fossa)	Needed
	Ubuntu 18.04 LTS (Bionic Beaver)	Needed
	Ubuntu 16.04 LTS (Xenial Xerus)	Needed
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was needed)

Notes

Author	Note
mdeslaur	xorg server is actually the xorg-server package the xorg package only contains docs

References

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661627

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

Further reading