Oracle8: ELSA-2024-2037: tigervnc security Important Security Advisory Updates
Summary
[1.13.1-2.10] - Fix crash caused by fix for CVE-2024-31083 Resolves: RHEL-30981 [1.13.1-2.9] - Rebuild (z-stream target) Resolves: RHEL-31011 Resolves: RHEL-30981 Resolves: RHEL-30998 [1.13.1-2.8] - Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents Resolves: RHEL-31011 - Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs Resolves: RHEL-30981 - Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice Resolves: RHEL-30998 [1.13.1-3.7] - Fix use after free related to CVE-2024-21886 Resolves: RHEL-20432 - Fix copy/paste error in the DeviceStateNotify Resolves: RHEL-20583 [1.13.1-3.6] - Don't try to get pointer position when the pointer becomes a floating device Resolves: RHEL-20432 [1.13.1-3.5] - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20432 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent Resolves: RHEL-20420 - Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access Resolves: RHEL-20583 - Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer Resolves: RHEL-21252 [1.13.1-2.4] - Updated fix for CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions Resolves: RHEL-18409 [1.13.1-2.3] - Rebuild (selinux-policy) Resolves: RHEL-18409 Resolves: RHEL-18421 [1.13.1-2.2] - Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions Resolves: RHEL-18409 - Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty Resolves: RHEL-18421 [1.13.1-2.1] - Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow - Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty Resolves: RHEL-15229
SRPMs
http://oss.oracle.com/ol8/SRPMS-updates//tigervnc-1.13.1-2.el8_9.10.src.rpm
x86_64
tigervnc-1.13.1-2.el8_9.10.x86_64.rpm tigervnc-icons-1.13.1-2.el8_9.10.noarch.rpm tigervnc-license-1.13.1-2.el8_9.10.noarch.rpm tigervnc-selinux-1.13.1-2.el8_9.10.noarch.rpm tigervnc-server-1.13.1-2.el8_9.10.x86_64.rpm tigervnc-server-minimal-1.13.1-2.el8_9.10.x86_64.rpm tigervnc-server-module-1.13.1-2.el8_9.10.x86_64.rpm
aarch64
tigervnc-1.13.1-2.el8_9.10.aarch64.rpm tigervnc-icons-1.13.1-2.el8_9.10.noarch.rpm tigervnc-license-1.13.1-2.el8_9.10.noarch.rpm tigervnc-selinux-1.13.1-2.el8_9.10.noarch.rpm tigervnc-server-1.13.1-2.el8_9.10.aarch64.rpm tigervnc-server-minimal-1.13.1-2.el8_9.10.aarch64.rpm tigervnc-server-module-1.13.1-2.el8_9.10.aarch64.rpm
i386