ELSA-2026-22456 - tigervnc security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2026-07-09 |
Description
[1.8.0-33.0.11]
- Fix CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002,
CVE-2026-34003 and CVE-2026-34352 [Orabug: 39478221]
[1.8.0-33.0.9]
- Fix CVE-2025-62229: xorg-x11-server: Use-after-free in XPresentNotify structures creation [Orabug: 38694278]
- Fix CVE-2025-62230: xorg-x11-server: Use-after-free in Xkb client resource removal
- Fix CVE-2025-62231: xorg-x11-server: Value overflow in Xkb extension XkbSetCompatMap()
[1.8.0-33.0.7]
- Fix CVE-2025-49175, CVE-2025-49176, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180 [Orabug: 38157695]
[1.8.0-33.0.5]
- Fix CVE-2025-26594 xorg-x11-server Use-after-free of the root cursor [Orabug: 37712725]
- Fix CVE-2025-26595 xorg-x11-server Buffer overflow in XkbVModMaskText()
- Fix CVE-2025-26596 xorg-x11-server Heap overflow in XkbWriteKeySyms()
- Fix CVE-2025-26597 xorg-x11-server Buffer overflow in XkbChangeTypesOfKey()
- Fix CVE-2025-26598 xorg-x11-server Out-of-bounds write in CreatePointerBarrierClient()
- Fix CVE-2025-26599 xorg-x11-server Use of uninitialized pointer in compRedirectWindow()
- Fix CVE-2025-26600 xorg-x11-server Use-after-free in PlayReleasedEvents()
- Fix CVE-2025-26601 xorg-x11-server Use-after-free in SyncInitTrigger()
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle Linux 7 (x86_64) | tigervnc-1.8.0-33.0.11.el7_9.src.rpm | 92b41dfb6618dae4a3fdcfb5515820066a2c56a13b2d61b15475817476c52cae | - | ol7_x86_64_latest_ELS |
| tigervnc-1.8.0-33.0.11.el7_9.x86_64.rpm | 55b7f779474cde962d63868d36e70b916b815b4de446e5b70d499293546c15fd | - | ol7_x86_64_latest_ELS |
| tigervnc-icons-1.8.0-33.0.11.el7_9.noarch.rpm | 71fc7959ca8c539ddbf9aa47d55d22533794cc663fa1937fdd48c09e3b8b340b | - | ol7_x86_64_latest_ELS |
| tigervnc-license-1.8.0-33.0.11.el7_9.noarch.rpm | 4b371c683a6b6d39ad482921a5fecf8fd6109b0aa82314f2dd98bb0ce2c5e8f2 | - | ol7_x86_64_latest_ELS |
| tigervnc-server-1.8.0-33.0.11.el7_9.x86_64.rpm | 93dfe146147a573e026f4a1df898558af14a990e80a05c6dda8d5d6f71463aff | - | ol7_x86_64_latest_ELS |
| tigervnc-server-applet-1.8.0-33.0.11.el7_9.noarch.rpm | f5efe82a4d8f37f2d3114db7ef6062395056a0491d118dc8766c3268d73d1b5a | - | ol7_x86_64_latest_ELS |
| tigervnc-server-minimal-1.8.0-33.0.11.el7_9.x86_64.rpm | f30b8392f428c1f3a37a3edc6943a0e04c7f1267c730f1a698782de91c394169 | - | ol7_x86_64_latest_ELS |
| tigervnc-server-module-1.8.0-33.0.11.el7_9.x86_64.rpm | 68e74c951c9e0bfdecc804a1ad69d77b3147038d42e15c01bd918958e0ef0f37 | - | ol7_x86_64_latest_ELS |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team