tigervnc-1.12.0-5.el9.2

エラータID: AXSA:2023-5249:07

Release date: 
Tuesday, April 4, 2023 - 13:05
Subject: 
tigervnc-1.12.0-5.el9.2
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability (CVE-2023-1393)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-1393
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

Solution: 

Update packages.

CVEs: 
CVE-2023-1393
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
Additional Info: 

N/A

Download: 

SRPMS
  1. tigervnc-1.12.0-5.el9.2.src.rpm
    MD5: 4bd5fc17da1f20776a48c06d87a5f486
    SHA-256: 3b45498f77676cd27dd1f5b0e9dfe10979a2b6b2237f46427106524946973a53
    Size: 1.53 MB

Asianux Server 9 for x86_64
  1. tigervnc-1.12.0-5.el9.2.x86_64.rpm
    MD5: 8e18d3323b7af7d92b2e23f50765399a
    SHA-256: b891425a02ac3d0f77825af1eb86c6655ba233ccfc3521523b9c18768d660e83
    Size: 323.05 kB
  2. tigervnc-icons-1.12.0-5.el9.2.noarch.rpm
    MD5: c3b52d6487e5bd3b2f1349ce9a4678c5
    SHA-256: 01b3c1b5dc9adbeeb737e78a554cbe06426057a19667a65d95a933c3e404c766
    Size: 22.20 kB
  3. tigervnc-license-1.12.0-5.el9.2.noarch.rpm
    MD5: b3ab4860235136e297e1a5e50e11d222
    SHA-256: 1065c9b07391b670db57136deea8dbc167fa386b3d768220fe3a536a84489448
    Size: 14.91 kB
  4. tigervnc-selinux-1.12.0-5.el9.2.noarch.rpm
    MD5: 1918f7e4f9dbf587fb2f002d64872bcf
    SHA-256: cdbf9d045f8d560ad94f5a53abd5bebd68bc3821235d1de2e186ce04c4e5301c
    Size: 23.41 kB
  5. tigervnc-server-1.12.0-5.el9.2.x86_64.rpm
    MD5: e484bee1bc4b360f9c5c4dab809d402f
    SHA-256: 4bce3a306ca428e46baa93855a6a02c24415547ca6b39e1256b22e97b5d3afb4
    Size: 256.70 kB
  6. tigervnc-server-minimal-1.12.0-5.el9.2.x86_64.rpm
    MD5: 314e47eec669a33f982fc80a7ca349b9
    SHA-256: dda5d987fac5bf56a5821404310f17eed1f2b6ff124e5832781aed656ecfc665
    Size: 1.13 MB
  7. tigervnc-server-module-1.12.0-5.el9.2.x86_64.rpm
    MD5: a9ea5aa2fe2ecc2b24ec655f2b20e901
    SHA-256: c182512f836cbede477b78ddac3a11a6362720aa3efceefd74ee9218401f89f0
    Size: 234.00 kB