ELSA-2024-2145

ELSA-2024-2145 - libX11 security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-05-02

Description

[1.7.0-9]
- Fix CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms()
- Fix CVE-2023-43786: stack exhaustion from infinite recursion in
PutSubImage()
- Fix CVE-2023-43787: integer overflow in XCreateImage() leading to
a heap overflow

Related CVEs

CVE-2023-43786

CVE-2023-43787

CVE-2023-43785

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	libX11-1.7.0-9.el9.src.rpm	b72ec77717c8272fe3433d0f22a11262	-	ol9_aarch64_appstream
	libX11-1.7.0-9.el9.aarch64.rpm	400a4c3eb33344c369e677fbe3dad9d4	-	ol9_aarch64_appstream
	libX11-common-1.7.0-9.el9.noarch.rpm	6686c48a46afcb7d277e282ca2eba82d	-	ol9_aarch64_appstream
	libX11-devel-1.7.0-9.el9.aarch64.rpm	07718643e8b1778e18c0de2ad4b7b54e	-	ol9_aarch64_appstream
	libX11-xcb-1.7.0-9.el9.aarch64.rpm	b35d5fecbd9369f317711079a6c49c99	-	ol9_aarch64_appstream
Oracle Linux 9 (x86_64)	libX11-1.7.0-9.el9.src.rpm	b72ec77717c8272fe3433d0f22a11262	-	ol9_x86_64_appstream
	libX11-1.7.0-9.el9.i686.rpm	c01c793c5b3902f875865328ebdefd23	-	ol9_x86_64_appstream
	libX11-1.7.0-9.el9.x86_64.rpm	2152a99f50fa015bc72ce8aa9bddd6e3	-	ol9_x86_64_appstream
	libX11-common-1.7.0-9.el9.noarch.rpm	6686c48a46afcb7d277e282ca2eba82d	-	ol9_x86_64_appstream
	libX11-devel-1.7.0-9.el9.i686.rpm	9ad306dd230486c9aa269c89ecff130a	-	ol9_x86_64_appstream
	libX11-devel-1.7.0-9.el9.x86_64.rpm	e7ad084c55ca2431b324c58add93b400	-	ol9_x86_64_appstream
	libX11-xcb-1.7.0-9.el9.i686.rpm	4293a72d3eaed935459a639ad3968ddf	-	ol9_x86_64_appstream
	libX11-xcb-1.7.0-9.el9.x86_64.rpm	e9a5f30aa94a65a54343080bbaffaa34	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team