ELSA-2024-0006

ELSA-2024-0006 - tigervnc security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2024-01-02

Description

[1.8.0-28.0.1]
- Dropped xorg-CVE-2023-5367.patch, xorg-CVE-2023-6377.patch, and xorg-CVE-2023-6478.patch

[1.8.0-28]
- Updated fix for CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
Resolves: RHEL-18415

[1.8.0-27]
- Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
Resolves: RHEL-18415
- CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
Resolves: RHEL-18427

Related CVEs

CVE-2023-6377

CVE-2023-6478

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label
Oracle Linux 7 (aarch64)	tigervnc-1.8.0-28.0.1.el7_9.src.rpm	8d94cd083e006246b5bab42905923e26	-	ol7_aarch64_latest
	tigervnc-1.8.0-28.0.1.el7_9.src.rpm	8d94cd083e006246b5bab42905923e26	-	ol7_aarch64_optional_latest
	tigervnc-1.8.0-28.0.1.el7_9.src.rpm	8d94cd083e006246b5bab42905923e26	-	ol7_aarch64_u9_patch
	tigervnc-1.8.0-28.0.1.el7_9.aarch64.rpm	976e7ed91c1a33af89b456ac74710b8f	-	ol7_aarch64_latest
	tigervnc-1.8.0-28.0.1.el7_9.aarch64.rpm	976e7ed91c1a33af89b456ac74710b8f	-	ol7_aarch64_u9_patch
	tigervnc-icons-1.8.0-28.0.1.el7_9.noarch.rpm	f57aafec72dc8efcf449b63c9db482bf	-	ol7_aarch64_latest
	tigervnc-icons-1.8.0-28.0.1.el7_9.noarch.rpm	f57aafec72dc8efcf449b63c9db482bf	-	ol7_aarch64_u9_patch
	tigervnc-license-1.8.0-28.0.1.el7_9.noarch.rpm	6cd01881e0408eafbd8cd26373387c59	-	ol7_aarch64_latest
	tigervnc-license-1.8.0-28.0.1.el7_9.noarch.rpm	6cd01881e0408eafbd8cd26373387c59	-	ol7_aarch64_u9_patch
	tigervnc-server-1.8.0-28.0.1.el7_9.aarch64.rpm	e6016bfeadb78f3d4b5497fc8bb6e689	-	ol7_aarch64_latest
	tigervnc-server-1.8.0-28.0.1.el7_9.aarch64.rpm	e6016bfeadb78f3d4b5497fc8bb6e689	-	ol7_aarch64_u9_patch
	tigervnc-server-applet-1.8.0-28.0.1.el7_9.noarch.rpm	8405ca53ca4cd8b6ca2467e26a15ffb2	-	ol7_aarch64_optional_latest
	tigervnc-server-minimal-1.8.0-28.0.1.el7_9.aarch64.rpm	c2d6708e27e95ea73b3aade6ae3d69f0	-	ol7_aarch64_latest
	tigervnc-server-minimal-1.8.0-28.0.1.el7_9.aarch64.rpm	c2d6708e27e95ea73b3aade6ae3d69f0	-	ol7_aarch64_u9_patch
	tigervnc-server-module-1.8.0-28.0.1.el7_9.aarch64.rpm	7a6e7db2db929066f758890363b65897	-	ol7_aarch64_optional_latest
Oracle Linux 7 (x86_64)	tigervnc-1.8.0-28.0.1.el7_9.src.rpm	8d94cd083e006246b5bab42905923e26	-	ol7_x86_64_latest
	tigervnc-1.8.0-28.0.1.el7_9.src.rpm	8d94cd083e006246b5bab42905923e26	-	ol7_x86_64_optional_latest
	tigervnc-1.8.0-28.0.1.el7_9.src.rpm	8d94cd083e006246b5bab42905923e26	-	ol7_x86_64_u9_patch
	tigervnc-1.8.0-28.0.1.el7_9.x86_64.rpm	5bc562226f64d80ef7cd201f8367e080	-	ol7_x86_64_latest
	tigervnc-1.8.0-28.0.1.el7_9.x86_64.rpm	5bc562226f64d80ef7cd201f8367e080	-	ol7_x86_64_u9_patch
	tigervnc-icons-1.8.0-28.0.1.el7_9.noarch.rpm	f57aafec72dc8efcf449b63c9db482bf	-	ol7_x86_64_latest
	tigervnc-icons-1.8.0-28.0.1.el7_9.noarch.rpm	f57aafec72dc8efcf449b63c9db482bf	-	ol7_x86_64_u9_patch
	tigervnc-license-1.8.0-28.0.1.el7_9.noarch.rpm	6cd01881e0408eafbd8cd26373387c59	-	ol7_x86_64_latest
	tigervnc-license-1.8.0-28.0.1.el7_9.noarch.rpm	6cd01881e0408eafbd8cd26373387c59	-	ol7_x86_64_u9_patch
	tigervnc-server-1.8.0-28.0.1.el7_9.x86_64.rpm	48a05b342f330d135ce53fbf26a584ca	-	ol7_x86_64_latest
	tigervnc-server-1.8.0-28.0.1.el7_9.x86_64.rpm	48a05b342f330d135ce53fbf26a584ca	-	ol7_x86_64_u9_patch
	tigervnc-server-applet-1.8.0-28.0.1.el7_9.noarch.rpm	8405ca53ca4cd8b6ca2467e26a15ffb2	-	ol7_x86_64_optional_latest
	tigervnc-server-minimal-1.8.0-28.0.1.el7_9.x86_64.rpm	d277c5a883ea72bbe486049ec1a93e50	-	ol7_x86_64_latest
	tigervnc-server-minimal-1.8.0-28.0.1.el7_9.x86_64.rpm	d277c5a883ea72bbe486049ec1a93e50	-	ol7_x86_64_u9_patch
	tigervnc-server-module-1.8.0-28.0.1.el7_9.x86_64.rpm	5fc9e7217b5adecf5891024d04df491b	-	ol7_x86_64_optional_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team