Alerts This Week
Warning Icon 1 1,179
Alerts This Week
Warning Icon 1 1,179

Slackware 15.0: 2025-056-02 critical: Tigervnc buffer overflow

slackware
Calendar Grey February 25, 2025
Dist Slackware Esm H88
Recent updates to the tigervnc packages resolve critical vulnerabilities affecting Slackware 15.0 and its current builds; prioritize your system's safety today.
New tigervnc packages are available for Slackware 15.0 and -current to fix security issues

Summary

Here are the details from the Slackware 15.0 ChangeLog: extra/tigervnc/tigervnc-1.12.0-i586-8_slack15.0.txz: Rebuilt. Recompiled against xorg-server-1.20.14, including patches for security issues: Use-after-free of the root cursor. Buffer overflow in XkbVModMaskText(). Heap overflow in XkbWriteKeySyms(). Buffer overflow in XkbChangeTypesOfKey(). Out-of-bounds write in CreatePointerBarrierClient(). Use of uninitialized pointer in compRedirectWindow(). Use-after-free in PlayReleasedEvents(). Use-after-free in SyncInitTrigger(). Thanks to Jan-Niklas Sohn and the Trend Micro Zero Day Initiative. For more information, see: https://lists.x.org/archives/xorg-announce/2025-February/003584.html https://www.cve.org/CVERecord?id=CVE-2025-26594 https://www.cve.org/CVERecord?id=CVE-2025-26595 https://www.cve.org/CVERecord?id=CVE-2025-26596 https://www.cve.org/CVERecord?id=CVE-2025-26597 https://www.cve.org/CVERecord?id=CVE-2025-26598

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory buffer overflow critical heap overflow system update Slackware out-of-bounds tigervnc Tigervnc root cursor

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/extra/tigervnc/tigervnc-1.12.0-i586-8_slack15.0.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/extra/tigervnc/tigervnc-1.12.0-x86_64-8_slack15.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/extra/tigervnc/tigervnc-1.15.0-i686-2.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/extra/tigervnc/tigervnc-1.15.0-x86_64-2.txz

MD5 Signatures

Slackware 15.0 package: dd57484551753bc4761ca907fd0e63d9 tigervnc-1.12.0-i586-8_slack15.0.txz
Slackware x86_64 15.0 package: 035f5f7e9b1ab41b50475cc1cea45026 tigervnc-1.12.0-x86_64-8_slack15.0.txz
Slackware -current package: 14983373c208e9fc21f2cfbd25906916 tigervnc-1.15.0-i686-2.txz
Slackware x86_64 -current package: 2d203089e6176209ac61fc5a81f89547 tigervnc-1.15.0-x86_64-2.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory buffer overflow critical heap overflow system update Slackware out-of-bounds tigervnc Tigervnc root cursor

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg tigervnc-1.12.0-i586-8_slack15.0.txz

Your message here