ELSA-2024-2037

ELSA-2024-2037 - tigervnc security update

Type: SECURITY
Impact: IMPORTANT
Release Date: 2024-04-24

Description


[1.13.1-2.10]
- Fix crash caused by fix for CVE-2024-31083
Resolves: RHEL-30981

[1.13.1-2.9]
- Rebuild (z-stream target)
Resolves: RHEL-31011
Resolves: RHEL-30981
Resolves: RHEL-30998

[1.13.1-2.8]
- Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
Resolves: RHEL-31011
- Fix CVE-2024-31083 tigervnc: xorg-x11-server: Use-after-free in ProcRenderAddGlyphs
Resolves: RHEL-30981
- Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
Resolves: RHEL-30998

[1.13.1-3.7]
- Fix use after free related to CVE-2024-21886
Resolves: RHEL-20432
- Fix copy/paste error in the DeviceStateNotify
Resolves: RHEL-20583

[1.13.1-3.6]
- Don't try to get pointer position when the pointer becomes a floating device
Resolves: RHEL-20432

[1.13.1-3.5]
- Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
Resolves: RHEL-20432
- Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
Resolves: RHEL-20420
- Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
Resolves: RHEL-20583
- Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
Resolves: RHEL-21252

[1.13.1-2.4]
- Updated fix for CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
Resolves: RHEL-18409

[1.13.1-2.3]
- Rebuild (selinux-policy)
Resolves: RHEL-18409
Resolves: RHEL-18421

[1.13.1-2.2]
- Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
Resolves: RHEL-18409
- Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
Resolves: RHEL-18421

[1.13.1-2.1]
- Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
- Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
Resolves: RHEL-15229


Related CVEs


CVE-2024-31080
CVE-2024-31083
CVE-2024-31081

Updated Packages


| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|---|---|---|---|---|
| Oracle Linux 8 (aarch64) | tigervnc-1.13.1-2.el8_9.10.src.rpm | ee447687a90212adb63a2250f2c201074dc00f3ab21414aea8d4b0a015664d66 | - | ol8_aarch64_appstream |
| Oracle Linux 8 (aarch64) | tigervnc-1.13.1-2.el8_9.10.aarch64.rpm | 933c07f3b351e70b8456989c16a9f5f01b1aa69558528dbc4ff63801f8316e23 | - | ol8_aarch64_appstream |
| Oracle Linux 8 (aarch64) | tigervnc-icons-1.13.1-2.el8_9.10.noarch.rpm | 9288d973e2567f6b8289a007724d747c32a44cb561251081fe8d9d8efc2ba6b1 | - | ol8_aarch64_appstream |
| Oracle Linux 8 (aarch64) | tigervnc-license-1.13.1-2.el8_9.10.noarch.rpm | b57290113535fbb63dd9fb18ac03beb10399a0beef9f4a7d78bd6aa27247c953 | - | ol8_aarch64_appstream |
| Oracle Linux 8 (aarch64) | tigervnc-selinux-1.13.1-2.el8_9.10.noarch.rpm | 18803ce725b771c9985e707753f33cf44c6755cd1c5ffa1c60ecbd2c13e4e9ad | - | ol8_aarch64_appstream |
| Oracle Linux 8 (aarch64) | tigervnc-server-1.13.1-2.el8_9.10.aarch64.rpm | 03688724437b1e66719e95b01cd84167837cb925c477692593d1456869671b7e | - | ol8_aarch64_appstream |
| Oracle Linux 8 (aarch64) | tigervnc-server-minimal-1.13.1-2.el8_9.10.aarch64.rpm | a94521b690991ec00e2c597c35911d7e83eef2843055e77dc7b6e932ac760a7d | - | ol8_aarch64_appstream |
| Oracle Linux 8 (aarch64) | tigervnc-server-module-1.13.1-2.el8_9.10.aarch64.rpm | 96ce1525dd2bec27a10afe1a02364c816bcf0ac68d62f6e04b709ed513591170 | - | ol8_aarch64_appstream |
| Oracle Linux 8 (x86_64) | tigervnc-1.13.1-2.el8_9.10.src.rpm | ee447687a90212adb63a2250f2c201074dc00f3ab21414aea8d4b0a015664d66 | - | ol8_x86_64_appstream |
| Oracle Linux 8 (x86_64) | tigervnc-1.13.1-2.el8_9.10.x86_64.rpm | e8e77042376c1d21edf03a1b882211cd2b1bd02591f8f4005045472d5994736b | - | ol8_x86_64_appstream |
| Oracle Linux 8 (x86_64) | tigervnc-icons-1.13.1-2.el8_9.10.noarch.rpm | 9288d973e2567f6b8289a007724d747c32a44cb561251081fe8d9d8efc2ba6b1 | - | ol8_x86_64_appstream |
| Oracle Linux 8 (x86_64) | tigervnc-license-1.13.1-2.el8_9.10.noarch.rpm | b57290113535fbb63dd9fb18ac03beb10399a0beef9f4a7d78bd6aa27247c953 | - | ol8_x86_64_appstream |
| Oracle Linux 8 (x86_64) | tigervnc-selinux-1.13.1-2.el8_9.10.noarch.rpm | 18803ce725b771c9985e707753f33cf44c6755cd1c5ffa1c60ecbd2c13e4e9ad | - | ol8_x86_64_appstream |
| Oracle Linux 8 (x86_64) | tigervnc-server-1.13.1-2.el8_9.10.x86_64.rpm | f1a21d3b0c6450788dd77f516b8fc9faabbc0f13de3a0bee422df5e62db44a34 | - | ol8_x86_64_appstream |
| Oracle Linux 8 (x86_64) | tigervnc-server-minimal-1.13.1-2.el8_9.10.x86_64.rpm | c5b5a14d5250a25c82e53d7d4e7854b7c18e8bbda0a8a75906a997c5d364c271 | - | ol8_x86_64_appstream |
| Oracle Linux 8 (x86_64) | tigervnc-server-module-1.13.1-2.el8_9.10.x86_64.rpm | f13f3c178b9ba7fd139d6c74ed0a27fa3a60402781437b3c916271d610a25fbb | - | ol8_x86_64_appstream |



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
