Fedora 27: libxkbcommon Security Update
Summary
libxkbcommon is the X.Org library for compiling XKB maps into formats usable by
the X Server or other display servers.
libxkbcommon 0.8.2, CVE-2018-15853 through to 15864. These fix a number of
memory handling issues with xkbcommon. Together with the keymap FD handling in
various Wayland compositors (keymaps could be mapped rw and clients could thus
replace the content) libxkbcommon's memory issues could serve as attack vector
to gain access to another client. The update to 0.8.2 is a lot easier and safer
than backporting all patches, given the number of other fixes not (yet?)
assigned a CVE.
* Mon Aug 6 2018 Peter Hutterer
- libxkbcommon 0.8.2
* Tue Jul 31 2018 Florian Weimer
- Rebuild with fixed binutils
* Mon Jul 30 2018 Peter Hutterer
- Fix invalid pointer passed to FreeStmt()
* Fri Jul 13 2018 Fedora Release Engineering
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 7 2018 Fedora Release Engineering
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Sat Feb 3 2018 Igor Gnatenko
- Switch to %ldconfig_scriptlets
* Tue Dec 19 2017 Peter Hutterer
- libxkbcommon 0.8.0
su -c 'dnf upgrade --advisory FEDORA-2018-11ed8d95e2' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
FEDORA-2018-11ed8d95e2 2018-09-29 23:56:16.096133 Product : Fedora 27 Version : 0.8.2 Release : 1.fc27 URL : https://www.x.org/wiki/ Summary : X.Org X11 XKB parsing library Description : libxkbcommon is the X.Org library for compiling XKB maps into formats usable by the X Server or other display servers. libxkbcommon 0.8.2, CVE-2018-15853 through to 15864. These fix a number of memory handling issues with xkbcommon. Together with the keymap FD handling in various Wayland compositors (keymaps could be mapped rw and clients could thus replace the content) libxkbcommon's memory issues could serve as attack vector to gain access to another client. The update to 0.8.2 is a lot easier and safer than backporting all patches, given the number of other fixes not (yet?) assigned a CVE. * Mon Aug 6 2018 Peter Hutterer 0.8.2-1 - libxkbcommon 0.8.2 * Tue Jul 31 2018 Florian Weimer - 0.8.0-6 - Rebuild with fixed binutils * Mon Jul 30 2018 Peter Hutterer 0.8.0-5 - Fix invalid pointer passed to FreeStmt() * Fri Jul 13 2018 Fedora Release Engineering - 0.8.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Feb 7 2018 Fedora Release Engineering - 0.8.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Sat Feb 3 2018 Igor Gnatenko - 0.8.0-2 - Switch to %ldconfig_scriptlets * Tue Dec 19 2017 Peter Hutterer 0.8.0-1 - libxkbcommon 0.8.0 su -c 'dnf upgrade --advisory FEDORA-2018-11ed8d95e2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Change Log
References