tigervnc-1.8.0-31.0.1.el7.AXS7
エラータID: AXSA:2024-7502:06
Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.
Security Fix(es):
* xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)
* xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)
* xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)
* xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2023-6816
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
CVE-2024-0229
RESERVED
CVE-2024-21885
RESERVED
CVE-2024-21886
RESERVED
Update packages.
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
N/A
SRPMS
- tigervnc-1.8.0-31.0.1.el7.AXS7.src.rpm
MD5: a62a8d6f000605bff256c6da5e436f3b
SHA-256: 331381e390b922ff5a88f20757ff8bc3888e628f819f85ba140d06634d151f1e
Size: 1.47 MB
Asianux Server 7 for x86_64
- tigervnc-1.8.0-31.0.1.el7.AXS7.x86_64.rpm
MD5: eaa4ffad770c8a6a60b18792c0336198
SHA-256: 76a7b6250ba48c5b1b77fbcb8d770512f51d3bbeba15305020458862061072a8
Size: 238.16 kB - tigervnc-icons-1.8.0-31.0.1.el7.AXS7.noarch.rpm
MD5: 4fac04a64125a3d2323a0c0190b89c85
SHA-256: 65a0c31a87020332e8adca90da76c4cb3abbb747e14d74f987d009d69ea0a693
Size: 41.52 kB - tigervnc-license-1.8.0-31.0.1.el7.AXS7.noarch.rpm
MD5: ca2f409f898f07c0a82e91e4def0af80
SHA-256: b4cd8e80b8b35b684e2612db9c8028a0a2637de5f4b8950ce3c1ebc0b359ed8a
Size: 32.27 kB - tigervnc-server-1.8.0-31.0.1.el7.AXS7.x86_64.rpm
MD5: 1b0ef941924e3edf904a42dd343f4cf7
SHA-256: 789eb1afeedc2eba901ae8058c102e8cfc2d8d8a867f62885d642b65fbc0376c
Size: 213.32 kB - tigervnc-server-minimal-1.8.0-31.0.1.el7.AXS7.x86_64.rpm
MD5: d99acb60bde80105b4b5506828b7ef0f
SHA-256: 3646763083baf7832fc3eefe4f0b2e881e78acc60389395dead6e120d8dbbea7
Size: 1.04 MB