ELSA-2024-2973

ELSA-2024-2973 - libX11 security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-05-23

Description

[1.6.8-8]
- Backport fix for Xlib lockups due to recursive XError (RHEL-23452)

[1.6.8-7]
- Fix CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms()
- Fix CVE-2023-43786: stack exhaustion from infinite recursion in
PutSubImage()
- Fix CVE-2023-43787: integer overflow in XCreateImage() leading to
a heap overflow

Related CVEs

CVE-2023-43787

CVE-2023-43786

CVE-2023-43785

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label
Oracle Linux 8 (aarch64)	libX11-1.6.8-8.el8.src.rpm	d4c200fd0257d0078f0adb9554fb7bc4	-	ol8_aarch64_appstream
	libX11-1.6.8-8.el8.aarch64.rpm	3a47546a8585627c110dc03d11696883	-	ol8_aarch64_appstream
	libX11-common-1.6.8-8.el8.noarch.rpm	7270d55607e740dcdad8fbe47af02e38	-	ol8_aarch64_appstream
	libX11-devel-1.6.8-8.el8.aarch64.rpm	f38992822f812fa743707379e012fe34	-	ol8_aarch64_appstream
	libX11-xcb-1.6.8-8.el8.aarch64.rpm	95b4f357cf17bd0a2f6a56d9dd509e96	-	ol8_aarch64_appstream
Oracle Linux 8 (x86_64)	libX11-1.6.8-8.el8.src.rpm	d4c200fd0257d0078f0adb9554fb7bc4	-	ol8_x86_64_appstream
	libX11-1.6.8-8.el8.i686.rpm	c7e210423ce29c91fa6042eeb03685e9	-	ol8_x86_64_appstream
	libX11-1.6.8-8.el8.x86_64.rpm	000d7c6d6007acee35f04ff6fdef1c08	-	ol8_x86_64_appstream
	libX11-common-1.6.8-8.el8.noarch.rpm	7270d55607e740dcdad8fbe47af02e38	-	ol8_x86_64_appstream
	libX11-devel-1.6.8-8.el8.i686.rpm	b58499d276ed691c6b3d54fa98640d83	-	ol8_x86_64_appstream
	libX11-devel-1.6.8-8.el8.x86_64.rpm	dad115a0eb6053b5eb3fba1ce92a84bc	-	ol8_x86_64_appstream
	libX11-xcb-1.6.8-8.el8.i686.rpm	c081bf6cc6eb383cbe155fc91cebc530	-	ol8_x86_64_appstream
	libX11-xcb-1.6.8-8.el8.x86_64.rpm	e92ed6d24dfc7ebcccff3f36753eaa22	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team