Advisory: CLSA-2025:1744223313
OS: AlmaLinux 9.2 ESU
Public date: 2025-04-09 18:28:35
Project: tigervnc
Version: 1.12.0-13.el9_2.tuxcare.els10
Errata link: https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2025-1744223313.html
- CVE-2024-31080: xorg-x11-server: fix heap-based buffer over-read vulnerability in ProcXIGetSelectedEvents() by avoiding byte-swapped length values in replies - CVE-2024-9632: xorg-x11-server: fix improperly tracked allocation size in _XkbSetCompatMap to prevent buffer overflow condition - CVE-2024-31081: xorg-x11-server: fix heap-based buffer over-read vulnerability in ProcXIPassiveGrabDevice() function to prevent memory leakage and segmentation faults by handling byte-swapped length values in replies correctly
Update command: dnf update tigervnc*
tigervnc-1.12.0-13.el9_2.tuxcare.els10.x86_64.rpm tigervnc-icons-1.12.0-13.el9_2.tuxcare.els10.noarch.rpm tigervnc-license-1.12.0-13.el9_2.tuxcare.els10.noarch.rpm tigervnc-selinux-1.12.0-13.el9_2.tuxcare.els10.noarch.rpm tigervnc-server-1.12.0-13.el9_2.tuxcare.els10.x86_64.rpm tigervnc-server-minimal-1.12.0-13.el9_2.tuxcare.els10.x86_64.rpm tigervnc-server-module-1.12.0-13.el9_2.tuxcare.els10.x86_64.rpm