Oracle Linux Security Advisory ELSA-2024-0018

https://linux.oracle.com/errata/ELSA-2024-0018.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
tigervnc-1.13.1-2.el8_9.4.x86_64.rpm
tigervnc-icons-1.13.1-2.el8_9.4.noarch.rpm
tigervnc-license-1.13.1-2.el8_9.4.noarch.rpm
tigervnc-selinux-1.13.1-2.el8_9.4.noarch.rpm
tigervnc-server-1.13.1-2.el8_9.4.x86_64.rpm
tigervnc-server-minimal-1.13.1-2.el8_9.4.x86_64.rpm
tigervnc-server-module-1.13.1-2.el8_9.4.x86_64.rpm

aarch64:
tigervnc-1.13.1-2.el8_9.4.aarch64.rpm
tigervnc-icons-1.13.1-2.el8_9.4.noarch.rpm
tigervnc-license-1.13.1-2.el8_9.4.noarch.rpm
tigervnc-selinux-1.13.1-2.el8_9.4.noarch.rpm
tigervnc-server-1.13.1-2.el8_9.4.aarch64.rpm
tigervnc-server-minimal-1.13.1-2.el8_9.4.aarch64.rpm
tigervnc-server-module-1.13.1-2.el8_9.4.aarch64.rpm


SRPMS:
https://oss.oracle.com:443/ol8/SRPMS-updates//tigervnc-1.13.1-2.el8_9.4.src.rpm

Related CVEs:

CVE-2023-6377
CVE-2023-6478




Description of changes:

[1.13.1-2.4]
- xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)
- xorg-x11-server: Use-after-free bug in DestroyWindow (CVE-2023-5380)
- xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
- xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle8: ELSA-2024-0018: tigervnc security Important Security Update

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

[1.13.1-2.4] - xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367) - xorg-x11-server: Use-after-free bug in DestroyWindow (CVE-2023-5380) - xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377) - xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)

SRPMs

https://oss.oracle.com:443/ol8/SRPMS-updates//tigervnc-1.13.1-2.el8_9.4.src.rpm

x86_64

tigervnc-1.13.1-2.el8_9.4.x86_64.rpm tigervnc-icons-1.13.1-2.el8_9.4.noarch.rpm tigervnc-license-1.13.1-2.el8_9.4.noarch.rpm tigervnc-selinux-1.13.1-2.el8_9.4.noarch.rpm tigervnc-server-1.13.1-2.el8_9.4.x86_64.rpm tigervnc-server-minimal-1.13.1-2.el8_9.4.x86_64.rpm tigervnc-server-module-1.13.1-2.el8_9.4.x86_64.rpm

aarch64

tigervnc-1.13.1-2.el8_9.4.aarch64.rpm tigervnc-icons-1.13.1-2.el8_9.4.noarch.rpm tigervnc-license-1.13.1-2.el8_9.4.noarch.rpm tigervnc-selinux-1.13.1-2.el8_9.4.noarch.rpm tigervnc-server-1.13.1-2.el8_9.4.aarch64.rpm tigervnc-server-minimal-1.13.1-2.el8_9.4.aarch64.rpm tigervnc-server-module-1.13.1-2.el8_9.4.aarch64.rpm

i386

Severity
Related CVEs: CVE-2023-6377 CVE-2023-6478

Related News

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo