ELSA-2024-2037 -- Oracle tigervncID: oval:org.secpod.oval:def:1507489 | Date: (C)2024-05-09 (M)2024-05-29 |
Class: PATCH | Family: unix |
[1.13.1-2.10] - Fix crash caused by fix for CVE-2024-31083 Resolves: RHEL-30981 [1.13.1-2.9] - Rebuild Resolves: RHEL-31011 Resolves: RHEL-30981 Resolves: RHEL-30998 [1.13.1-2.8] - Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents Resolves: RHEL-31011 - Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs Resolves: RHEL-30981 - Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice Resolves: RHEL-30998 [1.13.1-3.7] - Fix use after free related to CVE-2024-21886 Resolves: RHEL-20432 - Fix copy/paste error in the DeviceStateNotify Resolves: RHEL-20583 [1.13.1-3.6] - Don"t try to get pointer position when the pointer becomes a floating device Resolves: RHEL-20432 [1.13.1-3.5] - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20432 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent Resolves: RHEL-20420 - Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access Resolves: RHEL-20583 - Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer Resolves: RHEL-21252 [1.13.1-2.4] - Updated fix for CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions Resolves: RHEL-18409 [1.13.1-2.3] - Rebuild Resolves: RHEL-18409 Resolves: RHEL-18421 [1.13.1-2.2] - Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions Resolves: RHEL-18409 - Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty Resolves: RHEL-18421 [1.13.1-2.1] - Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow - Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty Resolves: RHEL-15229