Advisory: CLSA-2025:1744213437
OS: AlmaLinux 9.2 ESU
Public date: 2025-04-09 15:43:59
Project: tigervnc
Version: 1.12.0-13.el9_2.tuxcare.els9
Errata link: https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2025-1744213437.html
- CVE-2023-6816: xorg-x11-server: fix use-after-free issue by adding check to allocate sufficient space for logical button maps to prevent heap overflow in DeviceFocusEvent and XIQueryPointer replies - CVE-2023-5367: xorg-x11-server: correct buffer offset handling in XIChangeDeviceProperty and RRChangeOutputProperty to prevent out-of-bound writes during append/prepend operations - CVE-2023-6478: xorg-x11-server: fix integer overflow in RRChangeProviderProperty and RRChangeOutputProperty to prevent disclosure of sensitive information
Update command: dnf update tigervnc*
tigervnc-1.12.0-13.el9_2.tuxcare.els9.x86_64.rpm tigervnc-icons-1.12.0-13.el9_2.tuxcare.els9.noarch.rpm tigervnc-license-1.12.0-13.el9_2.tuxcare.els9.noarch.rpm tigervnc-selinux-1.12.0-13.el9_2.tuxcare.els9.noarch.rpm tigervnc-server-1.12.0-13.el9_2.tuxcare.els9.x86_64.rpm tigervnc-server-minimal-1.12.0-13.el9_2.tuxcare.els9.x86_64.rpm tigervnc-server-module-1.12.0-13.el9_2.tuxcare.els9.x86_64.rpm