Univention Bugzilla – Bug 56741
libx11: Multiple issues (5.0)
Last modified: 2023-10-18 16:20:33 CEST
New Debian libx11 2:1.6.7-1+deb10u4 fixes: This update addresses the following issues: 2:1.6.7-1+deb10u4 (Wed, 04 Oct 2023 17:12:55 +0200) * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage * CVE-2023-43787: integer overflow in XCreateImage * Add some more patches for extra hardening.
--- mirror/ftp/pool/main/libx/libx11/libx11_1.6.7-1+deb10u3.dsc +++ apt/ucs_5.0-0-errata5.0-5/source/libx11_1.6.7-1+deb10u4.dsc @@ -1,3 +1,10 @@ +2:1.6.7-1+deb10u4 [Wed, 04 Oct 2023 17:12:55 +0200] Emilio Pozuelo Monfort <pochu@debian.org>: + + * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms + * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage + * CVE-2023-43787: integer overflow in XCreateImage + * Add some more patches for extra hardening. + 2:1.6.7-1+deb10u3 [Mon, 26 Jun 2023 16:20:01 +0300] Adrian Bunk <bunk@debian.org>: * Non-maintainer upload by the LTS Security Team. <http://piuparts.knut.univention.de/5.0-5/#6133758414871493220>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-5] 7028cd59d5 Bug #56741: libx11 2:1.6.7-1+deb10u4 doc/errata/staging/libx11.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) [5.0-5] 66ebe92b80 Bug #56741: libx11 2:1.6.7-1+deb10u4 doc/errata/staging/libx11.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x840>