tigervnc-1.12.0-9.el8.3

エラータID: AXSA:2023-5248:06

Release date: 
Wednesday, April 5, 2023 - 02:25
Subject: 
tigervnc-1.12.0-9.el8.3
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability (CVE-2023-1393)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-1393
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

Solution: 

Update packages.

CVEs: 
CVE-2023-1393
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
Additional Info: 

N/A

Download: 

SRPMS
  1. tigervnc-1.12.0-9.el8.3.src.rpm
    MD5: 4e3e2fbf68bb3355ce52599e0f7c581c
    SHA-256: 2a45449a0dd01d9d66b6701e833476981a557c42f9123dbfc9faf27db7987d31
    Size: 1.55 MB

Asianux Server 8 for x86_64
  1. tigervnc-1.12.0-9.el8.3.x86_64.rpm
    MD5: b6c00f246d7c53602a5e458a716f54fd
    SHA-256: ac00e0af9c3f8f34ae53864ed111c5c7d20c5081d763f6b7af84ccdafe5938a7
    Size: 341.53 kB
  2. tigervnc-icons-1.12.0-9.el8.3.noarch.rpm
    MD5: b35c085d9fc5b9bb463398623ce0cb0c
    SHA-256: 0bd91aaab002de2f4870d659ca3f62a59e30d3711e62bde0d60906d022e01932
    Size: 46.10 kB
  3. tigervnc-license-1.12.0-9.el8.3.noarch.rpm
    MD5: 168994da278e329887c06cb2f3798392
    SHA-256: 532696738ff24c277543ee6e16e909a874abfd707d546b1f1e6266eb839f841b
    Size: 39.35 kB
  4. tigervnc-selinux-1.12.0-9.el8.3.noarch.rpm
    MD5: dedb0e46b3a6a7bf601ddccc84abcd5e
    SHA-256: 398b60fd4c66ca9a77eaa37212f3ed734dbf517623c64120b2f31aa62576f0a0
    Size: 47.89 kB
  5. tigervnc-server-1.12.0-9.el8.3.x86_64.rpm
    MD5: a3b4c609f1f73988d05dfb03c48d7f15
    SHA-256: da806dd814342401ae202f853d9d851a1f028c0143a7a538952e16fd90e4a23a
    Size: 285.73 kB
  6. tigervnc-server-minimal-1.12.0-9.el8.3.x86_64.rpm
    MD5: 88b217910e255988c50daa375ae7b7b7
    SHA-256: e151cb0428295df30a82e96b0fe5bad4a89e649f22e13b09ea30b52a4e790339
    Size: 1.12 MB
  7. tigervnc-server-module-1.12.0-9.el8.3.x86_64.rpm
    MD5: db6090a3058b321f48df2cbe4bc44b00
    SHA-256: 7f5f83d0e9a8f4cd29ae09c368675f5ce8cb23f75cc069574cdf78128c0a878b
    Size: 261.27 kB