libXpm-3.5.13-10.el9

エラータID: AXSA:2024-7916:01

Release date: 
Thursday, May 30, 2024 - 12:34
Subject: 
libXpm-3.5.13-10.el9
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

X.Org X11 libXpm runtime library.

Security Fix(es):

* libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() (CVE-2023-43788)
* libXpm: out of bounds read on XPM with corrupted colormap (CVE-2023-43789)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the MIRACLE LINUX 9.4 Release Notes linked from the References section.

CVE-2023-43788
A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system.
CVE-2023-43789
A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system.

Solution: 

Update packages.

CVEs: 
CVE-2023-43788
A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system.
CVE-2023-43789
A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system.
Additional Info: 

N/A

Download: 

SRPMS
  1. libXpm-3.5.13-10.el9.src.rpm
    MD5: 41ffa59e89e159fa4846598ccfd5e270
    SHA-256: 01a2401c458280bdf824a79d7e3947726dfe078ee619f3b265b95ea734910e18
    Size: 470.82 kB

Asianux Server 9 for x86_64
  1. libXpm-3.5.13-10.el9.i686.rpm
    MD5: e5e8a5cd5c9eb4cb3c9b9284eed859fd
    SHA-256: 9e4df4ea2f8d954591216f1aa0991c9ec0fc5e0a4917824dcbebc99d979a16b8
    Size: 59.79 kB
  2. libXpm-3.5.13-10.el9.x86_64.rpm
    MD5: 38a8d575e101c5cc595cb56f6ea8f430
    SHA-256: de440087f6b9c4910b0da553c666430e6566365cae6e6fd20640b8f0d5d02381
    Size: 57.42 kB
  3. libXpm-devel-3.5.13-10.el9.i686.rpm
    MD5: 5bd4b7e80dae683fb0c1a88047678c87
    SHA-256: 9a6cdc1df39899099513a8ddf624b1b7a950e899a6e5784a291309ad3194bbbc
    Size: 34.62 kB
  4. libXpm-devel-3.5.13-10.el9.x86_64.rpm
    MD5: a7e4cfb4330d4a999068ad5203701962
    SHA-256: 01137f8b325731b9eca1e751dfac37427a667858db4006f0fde426f7896c6a30
    Size: 34.25 kB