Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Slackware 15.0: 2024-096-01 Moderate: Tigervnc Heap Overread Issue

slackware
Calendar Grey April 5, 2024
Dist Slackware Esm H88
The latest release of Tigervnc packages for Slackware addresses critical security vulnerabilities, notably fixing heap buffer overflows.
New tigervnc packages are available for Slackware 15.0 and -current to fix security issues

Summary

Here are the details from the Slackware 15.0 ChangeLog: extra/tigervnc/tigervnc-1.12.0-i586-6_slack15.0.txz: Rebuilt. Recompiled against xorg-server-1.20.14, including the latest patches for several security issues: Heap buffer overread/data leakage in ProcXIGetSelectedEvents. Heap buffer overread/data leakage in ProcXIPassiveGrabDevice. Heap buffer overread/data leakage in ProcAppleDRICreatePixmap. Use-after-free in ProcRenderAddGlyphs. For more information, see: https://lists.x.org/archives/xorg-announce/2024-April/003497.html https://www.cve.org/CVERecord?id=CVE-2024-31080 https://www.cve.org/CVERecord?id=CVE-2024-31081 https://www.cve.org/CVERecord?id=CVE-2024-31082 https://www.cve.org/CVERecord?id=CVE-2024-31083 (* Security fix *)

Topics%20covered

Topics Covered

security advisory moderate security issue slackware data leak tigervnc heap overread

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/extra/tigervnc/tigervnc-1.12.0-i586-6_slack15.0.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/extra/tigervnc/tigervnc-1.12.0-x86_64-6_slack15.0.txz
Updated package for Slackware -current:
Updated packages for Slackware x86_64 -current:

MD5 Signatures

Slackware 15.0 package: 1b9d9300689d99dc01d93a13bd7ca5f5 tigervnc-1.12.0-i586-6_slack15.0.txz
Slackware x86_64 15.0 package: 6b54b9fd74517d203dd671d1bd4adda4 tigervnc-1.12.0-x86_64-6_slack15.0.txz
Slackware -current package: ec1ad0a545c495e4a3397db00969ce39 tigervnc-1.13.1-i586-5.txz
Slackware x86_64 -current package: 489f6eaadacd1e56f4428dd7e4e5cb5d tigervnc-1.13.1-x86_64-5.txz

Topics%20covered

Topics Covered

security advisory moderate security issue slackware data leak tigervnc heap overread

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg tigervnc-1.12.0-i586-6_slack15.0.txz

Related News

Your message here