ELSA-2024-0629

ULN >
Oracle Linux Errata repository >
ELSA-2024-0629

ELSA-2024-0629 - tigervnc security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2024-02-01

Description

[1.8.0-31.0.1]
- Dropped xorg-CVE-2023-5367.patch, xorg-CVE-2023-6816.patch, xorg-CVE-2023-6377.patch, xorg-CVE-2023-6478.patch,
xorg-CVE-2024-0229-1.patch, xorg-CVE-2024-0229-2.patch, xorg-CVE-2024-0229-3.patch, xorg-CVE-2024-21885.patch,
xorg-CVE-2024-21886-1.patch, xorg-CVE-2024-21886-2.patch, xorg-dix-fix-use-after-free-in-input-device-shutdown.patch

[1.8.0-31]
- Fix use after free related to CVE-2024-21886
Resolves: RHEL-20436
- Fix copy/paste error in the DeviceStateNotify
Resolves: RHEL-20587

[1.8.0-30]
- Don't try to get pointer position when the pointer becomes a floating device
Resolves: RHEL-20436

[1.8.0-29]
- Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
Resolves: RHEL-20436
- Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
Resolves: RHEL-20427
- Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
Resolves: RHEL-20587
- Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
Resolves: RHEL-21212

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	tigervnc-1.8.0-31.0.1.el7_9.src.rpm	fb9179e8302e548410fe8d9bbeedb540	-	ol7_aarch64_latest
	tigervnc-1.8.0-31.0.1.el7_9.src.rpm	fb9179e8302e548410fe8d9bbeedb540	-	ol7_aarch64_optional_latest
	tigervnc-1.8.0-31.0.1.el7_9.src.rpm	fb9179e8302e548410fe8d9bbeedb540	-	ol7_aarch64_u9_patch
	tigervnc-1.8.0-31.0.1.el7_9.aarch64.rpm	c57dc97db74d4e2e2086962f620fd265	-	ol7_aarch64_latest
	tigervnc-1.8.0-31.0.1.el7_9.aarch64.rpm	c57dc97db74d4e2e2086962f620fd265	-	ol7_aarch64_u9_patch
	tigervnc-icons-1.8.0-31.0.1.el7_9.noarch.rpm	4b4fc5c0092983435757c447d308657b	-	ol7_aarch64_latest
	tigervnc-icons-1.8.0-31.0.1.el7_9.noarch.rpm	4b4fc5c0092983435757c447d308657b	-	ol7_aarch64_u9_patch
	tigervnc-license-1.8.0-31.0.1.el7_9.noarch.rpm	aa08a017f4274dddd9e5c205ea07c912	-	ol7_aarch64_latest
	tigervnc-license-1.8.0-31.0.1.el7_9.noarch.rpm	aa08a017f4274dddd9e5c205ea07c912	-	ol7_aarch64_u9_patch
	tigervnc-server-1.8.0-31.0.1.el7_9.aarch64.rpm	00a6c45a7f2992ff55d4a4f68713086e	-	ol7_aarch64_latest
	tigervnc-server-1.8.0-31.0.1.el7_9.aarch64.rpm	00a6c45a7f2992ff55d4a4f68713086e	-	ol7_aarch64_u9_patch
	tigervnc-server-applet-1.8.0-31.0.1.el7_9.noarch.rpm	b9a04a3c7210f03ed87d4e3be95d7b2f	-	ol7_aarch64_optional_latest
	tigervnc-server-minimal-1.8.0-31.0.1.el7_9.aarch64.rpm	63f92d315e0b5d2d4403fdbc76ef5fbc	-	ol7_aarch64_latest
	tigervnc-server-minimal-1.8.0-31.0.1.el7_9.aarch64.rpm	63f92d315e0b5d2d4403fdbc76ef5fbc	-	ol7_aarch64_u9_patch
	tigervnc-server-module-1.8.0-31.0.1.el7_9.aarch64.rpm	38fe2c4a5916413b201104c4a2fa9e6d	-	ol7_aarch64_optional_latest

Oracle Linux 7 (x86_64)	tigervnc-1.8.0-31.0.1.el7_9.src.rpm	fb9179e8302e548410fe8d9bbeedb540	-	ol7_x86_64_latest
	tigervnc-1.8.0-31.0.1.el7_9.src.rpm	fb9179e8302e548410fe8d9bbeedb540	-	ol7_x86_64_optional_latest
	tigervnc-1.8.0-31.0.1.el7_9.src.rpm	fb9179e8302e548410fe8d9bbeedb540	-	ol7_x86_64_u9_patch
	tigervnc-1.8.0-31.0.1.el7_9.x86_64.rpm	3bacb2ea8a502d23b10abd68718a481c	-	ol7_x86_64_latest
	tigervnc-1.8.0-31.0.1.el7_9.x86_64.rpm	3bacb2ea8a502d23b10abd68718a481c	-	ol7_x86_64_u9_patch
	tigervnc-icons-1.8.0-31.0.1.el7_9.noarch.rpm	4b4fc5c0092983435757c447d308657b	-	ol7_x86_64_latest
	tigervnc-icons-1.8.0-31.0.1.el7_9.noarch.rpm	4b4fc5c0092983435757c447d308657b	-	ol7_x86_64_u9_patch
	tigervnc-license-1.8.0-31.0.1.el7_9.noarch.rpm	aa08a017f4274dddd9e5c205ea07c912	-	ol7_x86_64_latest
	tigervnc-license-1.8.0-31.0.1.el7_9.noarch.rpm	aa08a017f4274dddd9e5c205ea07c912	-	ol7_x86_64_u9_patch
	tigervnc-server-1.8.0-31.0.1.el7_9.x86_64.rpm	99ab78236f4edb547857df56c0f186e3	-	ol7_x86_64_latest
	tigervnc-server-1.8.0-31.0.1.el7_9.x86_64.rpm	99ab78236f4edb547857df56c0f186e3	-	ol7_x86_64_u9_patch
	tigervnc-server-applet-1.8.0-31.0.1.el7_9.noarch.rpm	b9a04a3c7210f03ed87d4e3be95d7b2f	-	ol7_x86_64_optional_latest
	tigervnc-server-minimal-1.8.0-31.0.1.el7_9.x86_64.rpm	484f2d04fc9ac8cfe8be3d25d3d63421	-	ol7_x86_64_latest
	tigervnc-server-minimal-1.8.0-31.0.1.el7_9.x86_64.rpm	484f2d04fc9ac8cfe8be3d25d3d63421	-	ol7_x86_64_u9_patch
	tigervnc-server-module-1.8.0-31.0.1.el7_9.x86_64.rpm	b590430c5192f1b0e17fa42e130f0d86	-	ol7_x86_64_optional_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691