ELSA-2024-3067

ELSA-2024-3067 - tigervnc security update

Type:SECURITY
Severity:MODERATE
Release Date:2024-05-23

Description


[1.13.1-8]
- Fix copy/paste error in the DeviceStateNotify
Resolves: RHEL-20530

[1.13.1-7]
- Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
Resolves: RHEL-20388
- Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
Resolves: RHEL-20382
- Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
Resolves: RHEL-20530
- Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
Resolves: RHEL-21214

[1.13.1-6]
- Use dup() to get available file descriptor when using -inetd option
Resolves: RHEL-21000

[1.13.1-5]
- Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
Resolves: RHEL-18410
- Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
Resolves: RHEL-18422

[1.13.1-4]
- Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
Resolves: RHEL-15236

- Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
Resolves: RHEL-15230

[1.13.1-3]
- Support username alias in PlainUsers
Resolves: RHEL-4258


Related CVEs


CVE-2023-5380

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) tigervnc-1.13.1-8.el8.src.rpmc4515fde98548f72cd92ec92403143f9-ol8_aarch64_appstream
tigervnc-1.13.1-8.el8.aarch64.rpmf0d37dc79dd6b290d5474d63c95cf58a-ol8_aarch64_appstream
tigervnc-icons-1.13.1-8.el8.noarch.rpmc7c9649bbf08d81013eb0cd6ae5e522d-ol8_aarch64_appstream
tigervnc-license-1.13.1-8.el8.noarch.rpm2f509f89a101e2b963dcf2262e73403f-ol8_aarch64_appstream
tigervnc-selinux-1.13.1-8.el8.noarch.rpm9bb8cea576588359ca4cee7194566b8e-ol8_aarch64_appstream
tigervnc-server-1.13.1-8.el8.aarch64.rpm9d9a9ce76ee7478bffa7ad9df9aaf049-ol8_aarch64_appstream
tigervnc-server-minimal-1.13.1-8.el8.aarch64.rpmdc4dd26f26d4142201daf3415d944371-ol8_aarch64_appstream
tigervnc-server-module-1.13.1-8.el8.aarch64.rpm026d358416c90d1521daa49be69a434c-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) tigervnc-1.13.1-8.el8.src.rpmc4515fde98548f72cd92ec92403143f9-ol8_x86_64_appstream
tigervnc-1.13.1-8.el8.x86_64.rpm5d57edd6730a3b5408d3131df01ede3b-ol8_x86_64_appstream
tigervnc-icons-1.13.1-8.el8.noarch.rpmc7c9649bbf08d81013eb0cd6ae5e522d-ol8_x86_64_appstream
tigervnc-license-1.13.1-8.el8.noarch.rpm2f509f89a101e2b963dcf2262e73403f-ol8_x86_64_appstream
tigervnc-selinux-1.13.1-8.el8.noarch.rpm9bb8cea576588359ca4cee7194566b8e-ol8_x86_64_appstream
tigervnc-server-1.13.1-8.el8.x86_64.rpmf44728711696fca2dffa8de28f61375b-ol8_x86_64_appstream
tigervnc-server-minimal-1.13.1-8.el8.x86_64.rpmf69532d6c207829b5e57127fe6246777-ol8_x86_64_appstream
tigervnc-server-module-1.13.1-8.el8.x86_64.rpm9e8c5134ecb80cbdb9340d0f71e07424-ol8_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete