Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 170cf61c by Salvatore Bonaccorso at 2023-10-03T18:56:45+02:00 Track new libx11 and libxpm issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,29 @@ +CVE-2023-43789 [libXpm: out of bounds read on XPM with corrupted colormap] + - libxpm <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2023/10/03/1 + NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/7e21cb63b9a1ca760a06cc4cd9b19bbc3fcd8f51 +CVE-2023-43788 [libXpm: out of bounds read in XpmCreateXpmImageFromBuffer()] + - libxpm <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2023/10/03/1 + NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/2fa554b01ef6079a9b35df9332bdc4f139ed67e0 +CVE-2023-43787 [ibX11: integer overflow in XCreateImage() leading to a heap overflow] + - libx11 <unfixed> + - libxpm <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2023/10/03/1 + NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/7916869d16bdd115ac5be30a67c3749907aea6a0 + NOTE: Hardening: https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/91f887b41bf75648df725a4ed3be036da02e911e +CVE-2023-43786 [libX11: stack exhaustion from infinite recursion in PutSubImage()] + - libx11 <unfixed> + - libxpm <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2023/10/03/1 + NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/204c3393c4c90a29ed6bef64e43849536e863a86 + NOTE: Hardening: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/73a37d5f2fcadd6540159b432a70d80f442ddf4a + NOTE: Hardening: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/b4031fc023816aca07fbd592ed97010b9b48784b + NOTE: Hardening: https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/84fb14574c039f19ad7face87eb9acc31a50701c +CVE-2023-43785 [libX11: out-of-bounds memory access in _XkbReadKeySyms()] + - libx11 <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2023/10/03/1 + NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/6858d468d9ca55fb4c5fd70b223dbc78a3358a7f CVE-2023-5345 (A use-after-free vulnerability in the Linux kernel's fs/smb/client com ...) - linux <unfixed> NOTE: https://git.kernel.org/linus/e6e43b8aa7cd3c3af686caf0c2e11819a886d705 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/170cf61c22811f68a6ccea95598950302780ebab -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/170cf61c22811f68a6ccea95598950302780ebab You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
