ELSA-2024-2298

ELSA-2024-2298 - tigervnc security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2024-05-02

Description


[1.13.1-8]
- Fix copy/paste error in the DeviceStateNotify
Resolves: RHEL-20533

[1.13.1-7]
- Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
Resolves: RHEL-20389
- Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
Resolves: RHEL-20383
- Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
Resolves: RHEL-20533
- Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
Resolves: RHEL-21213

[1.13.1-6]
- Use dup() to get available file descriptor when using -inetd option
Resolves: RHEL-19858

[1.13.1-5]
- Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
Resolves: RHEL-18414
- Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
Resolves: RHEL-18426

[1.13.1-4]
- Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
Resolves: RHEL-15237

- Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
Resolves: RHEL-15249


Related CVEs


CVE-2023-5574
CVE-2023-5380

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) tigervnc-1.13.1-8.el9.src.rpmed73006cd425db735151234b2f891853-ol9_aarch64_appstream
tigervnc-1.13.1-8.el9.aarch64.rpmf7185a4817850dd3385159cdbea0a901-ol9_aarch64_appstream
tigervnc-icons-1.13.1-8.el9.noarch.rpmf0109c3b071a79fc6164e11c9913bc3e-ol9_aarch64_appstream
tigervnc-license-1.13.1-8.el9.noarch.rpmfe3ca7d6879a94364da6c597b39f1d6a-ol9_aarch64_appstream
tigervnc-selinux-1.13.1-8.el9.noarch.rpm57c471a074806211b5cf438dbf160432-ol9_aarch64_appstream
tigervnc-server-1.13.1-8.el9.aarch64.rpm7b3195e3097c83ef809c0d74ef1339fa-ol9_aarch64_appstream
tigervnc-server-minimal-1.13.1-8.el9.aarch64.rpm5861e228634599d682724e04a31a3906-ol9_aarch64_appstream
tigervnc-server-module-1.13.1-8.el9.aarch64.rpmda2331ec788938ed9d7fa670926a5f7a-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) tigervnc-1.13.1-8.el9.src.rpmed73006cd425db735151234b2f891853-ol9_x86_64_appstream
tigervnc-1.13.1-8.el9.x86_64.rpm923f2463b593215b73baa00e27c059d4-ol9_x86_64_appstream
tigervnc-icons-1.13.1-8.el9.noarch.rpmf0109c3b071a79fc6164e11c9913bc3e-ol9_x86_64_appstream
tigervnc-license-1.13.1-8.el9.noarch.rpmfe3ca7d6879a94364da6c597b39f1d6a-ol9_x86_64_appstream
tigervnc-selinux-1.13.1-8.el9.noarch.rpm57c471a074806211b5cf438dbf160432-ol9_x86_64_appstream
tigervnc-server-1.13.1-8.el9.x86_64.rpm268b091ac4311a3f7be6074d842edb67-ol9_x86_64_appstream
tigervnc-server-minimal-1.13.1-8.el9.x86_64.rpm4ed76bbf2e4edd9a806ef3c5bbe6459a-ol9_x86_64_appstream
tigervnc-server-module-1.13.1-8.el9.x86_64.rpm5fbdb46073d33a7f9a567de3a14839d1-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete