-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-06bff5611a 2023-10-07 03:23:27.435890 --------------------------------------------------------------------------------
Name : libX11 Product : Fedora 39 Version : 1.8.7 Release : 1.fc39 URL : http://www.x.org Summary : Core X11 protocol client library Description : Core X11 protocol client library.
-------------------------------------------------------------------------------- Update Information:
libX11 1.8.7, fixes (CVE-2023-43785 to 43789) -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 4 2023 Peter Hutterer peter.hutterer@redhat.com - 1.8.7-1 - libX11 1.8.7 - CVE-2023-43785 libX11: out-of-bounds memory access in _XkbReadKeySyms() - CVE-2023-43786 libX11: stack exhaustion from infinite recursion in PutSubImage() - CVE-2023-43787 libX11: integer overflow in XCreateImage() leading to a heap overflow - CVE-2023-43788 libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() - CVE-2023-43789 libXpm: out of bounds read on XPM with corrupted colormap * Thu Sep 7 2023 Jos�� Exp��sito jexposit@redhat.com - 1.8.6-3 - SPDX Migration -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2242436 - libX11 1.8.7 fixes CVE-2023-43785 to 43789 https://bugzilla.redhat.com/show_bug.cgi?id=2242436 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-06bff5611a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------