Download
| Alert*
oval:org.secpod.oval:def:89002395
This update for xorg-x11-libX11 fixes the following issues: - CVE-2018-14599: The function XListExtensions was vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact - CVE-2018-14600: The function XListExtensions interpreted a var ... oval:org.secpod.oval:def:2103421 An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault). oval:org.secpod.oval:def:89002308 This update for libX11 and libxcb fixes the following issue: libX11: These security issues were fixed: - CVE-2018-14599: The function XListExtensions was vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact . - CVE-2018-14600: Th ... oval:org.secpod.oval:def:1801199 CVE-2018-14598: Crash on invalid reply in XListExtensions in ListExt.c¶ An issue was discovered in ListExt.c:XListExtensions and GetFPath.c:XGetFontPath in libX11 through version 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL ... oval:org.secpod.oval:def:1801204 CVE-2018-14598: Crash on invalid reply in XListExtensions in ListExt.c¶ An issue was discovered in ListExt.c:XListExtensions and GetFPath.c:XGetFontPath in libX11 through version 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL ... oval:org.secpod.oval:def:1801205 CVE-2018-14598: Crash on invalid reply in XListExtensions in ListExt.c¶ An issue was discovered in ListExt.c:XListExtensions and GetFPath.c:XGetFontPath in libX11 through version 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL ... oval:org.secpod.oval:def:1801206 CVE-2018-14598: Crash on invalid reply in XListExtensions in ListExt.c¶ An issue was discovered in ListExt.c:XListExtensions and GetFPath.c:XGetFontPath in libX11 through version 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL ... oval:org.secpod.oval:def:205280 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix: * libX11: Crash on invalid reply in XListExtensions in ListExt.c * libX11: Off-by-one error in XListExtensions in ... oval:org.secpod.oval:def:205281 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix: * libX11: Crash on invalid reply in XListExtensions in ListExt.c * libX11: Off-by-one error in XListExtensions in ... oval:org.secpod.oval:def:205343 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix: * libX11: Crash on invalid reply in XListExtensions in ListExt.c * libX11: Off-by-one error in XListExtensions in ... oval:org.secpod.oval:def:51117 libx11: X11 client-side library Several security issues were fixed in libx11. oval:org.secpod.oval:def:89049623 This update for libX11 fixes the following security issues: - CVE-2018-14599: The function XListExtensions was vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact - CVE-2018-14600: The function XListExtensions interpreted a var ... oval:org.secpod.oval:def:704307 libx11: X11 client-side library Several security issues were fixed in libx11. oval:org.secpod.oval:def:1504545 gdm [3.28.2-16] - Dont bring up login screen if background session gets killed Related: #1680120 [3.28.2-15] - sync AllowMultipleSessionsPerUser patch from 7.6 branch Resolves: #1664353 - Create dconf dirs by default Resolves: #1664284 [3.28.2-14] - Fix unlock on XDMCP sessions Resolves: #1693060 [3 ... oval:org.secpod.oval:def:205308 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix: * libX11: Crash on invalid reply in XListExtensions in ListExt.c * libX11: Off-by-one error in XListExtensions in ... oval:org.secpod.oval:def:205309 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix: * libX11: Crash on invalid reply in XListExtensions in ListExt.c * libX11: Off-by-one error in XListExtensions in ... oval:org.secpod.oval:def:503295 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix: * libX11: Crash on invalid reply in XListExtensions in ListExt.c * libX11: Off-by-one error in XListExtensions in ... oval:org.secpod.oval:def:205435 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix: * libX11: Crash on invalid reply in XListExtensions in ListExt.c * libX11: Off-by-one error in XListExtensions in ... oval:org.secpod.oval:def:205314 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix: * libX11: Crash on invalid reply in XListExtensions in ListExt.c * libX11: Off-by-one error in XListExtensions in ... oval:org.secpod.oval:def:205279 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix: * libX11: Crash on invalid reply in XListExtensions in ListExt.c * libX11: Off-by-one error in XListExtensions in ... oval:org.secpod.oval:def:1700342 It was discovered that libX11 does not properly validate input coming from the server, causing XListExtensions and XGetFontPath functions to produce an invalid list of elements that in turn make XFreeExtensionsList and XFreeFontPath access invalid memory. An attacker who can either configure a malic ... |