libX11-1.6.7-4.el7

エラータID: AXSA:2021-2389:01

Release date: 
Monday, August 30, 2021 - 12:47
Subject: 
libX11-1.6.7-4.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The libX11 packages contain the core X11 protocol client library.

Security Fix(es):

* libX11: missing request length checks (CVE-2021-31535)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2021-31535
LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. libX11-1.6.7-4.el7.src.rpm
    MD5: 7fd8be938bab9801224274ec8ba35401
    SHA-256: 53ba51d4d918a5a037dd0c41bb5f4f765db7f7a33c0551fa94f9acec1bac3981
    Size: 2.21 MB

Asianux Server 7 for x86_64
  1. libX11-1.6.7-4.el7.x86_64.rpm
    MD5: fea571263e95c56bfcd99bd037421bab
    SHA-256: f1b66e25ee49a5d4ac1cbcaa6ddbb6adccdd7df46995bb7fe01dfc504703e447
    Size: 606.16 kB
  2. libX11-common-1.6.7-4.el7.noarch.rpm
    MD5: ebfa3e4c6c6cfeedc1a8a9f84f0325a8
    SHA-256: 05078ae0d9c06f78768a8ba75952c4bc14106c0076f62c8551bb50a25bfbc196
    Size: 163.48 kB
  3. libX11-devel-1.6.7-4.el7.x86_64.rpm
    MD5: 2dddd76452e8b290599eb14b46ab427e
    SHA-256: e91d14daae027c56ea7b01f8744953873bbd394181ce7e13ebc6ae154117c1ac
    Size: 0.96 MB
  4. libX11-1.6.7-4.el7.i686.rpm
    MD5: 6e7439c78f20e579476ab0e7125ca1f2
    SHA-256: 9d39c6ca36840f297808353c11f0ee712f2ca8b975811ac3164f92d295d9629b
    Size: 610.49 kB
  5. libX11-devel-1.6.7-4.el7.i686.rpm
    MD5: e1b51815e459ccba281bf8bc94ed177f
    SHA-256: d161aca9e7c0401b7db61cc4e7adc65d8ec7b29f7b97168e851797b264b501eb
    Size: 0.96 MB