ELSA-2024-2037
- ULN >
- Oracle Linux Errata repository >
- ELSA-2024-2037
ELSA-2024-2037 - tigervnc security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2024-04-24 |
Description
[1.13.1-2.10]
- Fix crash caused by fix for CVE-2024-31083
Resolves: RHEL-30981
[1.13.1-2.9]
- Rebuild (z-stream target)
Resolves: RHEL-31011
Resolves: RHEL-30981
Resolves: RHEL-30998
[1.13.1-2.8]
- Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
Resolves: RHEL-31011
- Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs
Resolves: RHEL-30981
- Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
Resolves: RHEL-30998
[1.13.1-3.7]
- Fix use after free related to CVE-2024-21886
Resolves: RHEL-20432
- Fix copy/paste error in the DeviceStateNotify
Resolves: RHEL-20583
[1.13.1-3.6]
- Don't try to get pointer position when the pointer becomes a floating device
Resolves: RHEL-20432
[1.13.1-3.5]
- Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
Resolves: RHEL-20432
- Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
Resolves: RHEL-20420
- Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
Resolves: RHEL-20583
- Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
Resolves: RHEL-21252
[1.13.1-2.4]
- Updated fix for CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
Resolves: RHEL-18409
[1.13.1-2.3]
- Rebuild (selinux-policy)
Resolves: RHEL-18409
Resolves: RHEL-18421
[1.13.1-2.2]
- Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
Resolves: RHEL-18409
- Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
Resolves: RHEL-18421
[1.13.1-2.1]
- Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
- Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
Resolves: RHEL-15229
Related CVEs
| CVE-2024-31080 |
| CVE-2024-31083 |
| CVE-2024-31081 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
| Oracle Linux 8 (aarch64) | tigervnc-1.13.1-2.el8_9.10.src.rpm | 68184bbe5f2994475b6198dc7aa9af49 | - | ol8_aarch64_appstream |
| tigervnc-1.13.1-2.el8_9.10.aarch64.rpm | 7776f2cde2a50a7a03b299523e9364fd | - | ol8_aarch64_appstream | |
| tigervnc-icons-1.13.1-2.el8_9.10.noarch.rpm | 0f7a1bf2bb5f23cf226b8a8c8536ba77 | - | ol8_aarch64_appstream | |
| tigervnc-license-1.13.1-2.el8_9.10.noarch.rpm | ce9fe41c083c6745a7b7708d09531acb | - | ol8_aarch64_appstream | |
| tigervnc-selinux-1.13.1-2.el8_9.10.noarch.rpm | 4d14eab0bdb7da294ac197cd6867c2a9 | - | ol8_aarch64_appstream | |
| tigervnc-server-1.13.1-2.el8_9.10.aarch64.rpm | 2a7312774176aa825bb43bae00766323 | - | ol8_aarch64_appstream | |
| tigervnc-server-minimal-1.13.1-2.el8_9.10.aarch64.rpm | cbfdd4b31302c578ac0cadd2bfb121e8 | - | ol8_aarch64_appstream | |
| tigervnc-server-module-1.13.1-2.el8_9.10.aarch64.rpm | b0293b776212eb135d3313c622b22dbf | - | ol8_aarch64_appstream | |
| Oracle Linux 8 (x86_64) | tigervnc-1.13.1-2.el8_9.10.src.rpm | 68184bbe5f2994475b6198dc7aa9af49 | - | ol8_x86_64_appstream |
| tigervnc-1.13.1-2.el8_9.10.x86_64.rpm | b471cd134c1f6bfffefafb0fb15a84ed | - | ol8_x86_64_appstream | |
| tigervnc-icons-1.13.1-2.el8_9.10.noarch.rpm | 0f7a1bf2bb5f23cf226b8a8c8536ba77 | - | ol8_x86_64_appstream | |
| tigervnc-license-1.13.1-2.el8_9.10.noarch.rpm | ce9fe41c083c6745a7b7708d09531acb | - | ol8_x86_64_appstream | |
| tigervnc-selinux-1.13.1-2.el8_9.10.noarch.rpm | 4d14eab0bdb7da294ac197cd6867c2a9 | - | ol8_x86_64_appstream | |
| tigervnc-server-1.13.1-2.el8_9.10.x86_64.rpm | 182db9ff8ba4d3108b6f7633dd75c643 | - | ol8_x86_64_appstream | |
| tigervnc-server-minimal-1.13.1-2.el8_9.10.x86_64.rpm | 734f65750f5d54ead86db241eecead91 | - | ol8_x86_64_appstream | |
| tigervnc-server-module-1.13.1-2.el8_9.10.x86_64.rpm | e48209d0a327c118cda87afa84aa0659 | - | ol8_x86_64_appstream | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
