ALSA-2023:2830

[ALSA-2023:2830] Moderate: tigervnc security and bug fix update

Type:

security

Severity:

moderate

Release date:

2023-05-19

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* xorg-x11-server: XkbGetKbdByName use-after-free (CVE-2022-4283)
* xorg-x11-server: XTestSwapFakeInput stack overflow (CVE-2022-46340)
* xorg-x11-server: XIPassiveUngrab out-of-bounds access (CVE-2022-46341)
* xorg-x11-server: XvdiSelectVideoNotify use-after-free (CVE-2022-46342)
* xorg-x11-server: ScreenSaverSetAttributes use-after-free (CVE-2022-46343)
* xorg-x11-server: XIChangeProperty out-of-bounds access (CVE-2022-46344)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	tigervnc-server-minimal-1.12.0-15.el8_8.aarch64.rpm	0daee4e92fe36564e5720a0f3ebd4fdc6c7c23a9b9dc743a7f79609ae15dd833
aarch64	tigervnc-server-1.12.0-15.el8_8.aarch64.rpm	0fed48f43d5fd6789f245fc4963312c1a004aa05b6b1a4bb859716931abe1f35
aarch64	tigervnc-1.12.0-15.el8_8.aarch64.rpm	5a7efcbf194c34f20893b8dbfb625b463dac2b89c2b1a7053d1100adfc563402
aarch64	tigervnc-server-module-1.12.0-15.el8_8.aarch64.rpm	f726ef31793c7edc37c66a30a5f938e98ced8dee8b9bb5cdf504b151ce0005c3
noarch	tigervnc-selinux-1.12.0-15.el8_8.noarch.rpm	aa3122e1a2fa65bd6e5d829d4172c41da997b7328836a637ac226fb46991b1b7
noarch	tigervnc-icons-1.12.0-15.el8_8.noarch.rpm	ba11bb2a682f93ffd34b0ff8f63d0105286630bc5759789bd88f3dd049746852
noarch	tigervnc-license-1.12.0-15.el8_8.noarch.rpm	e7da2965e266ccae24554e7d87d4f8307f9b7db4be5c3cb381b72a8a48325b78
ppc64le	tigervnc-server-minimal-1.12.0-15.el8_8.ppc64le.rpm	362b451f981f97ab60ee256a3769611d89d05e7ab9c30d56848fc39ec17e7a0f
ppc64le	tigervnc-server-module-1.12.0-15.el8_8.ppc64le.rpm	70ce7ebe8a5f71ccf7183f55a8e335c3a18437a418a8a297bc1564915c5f1d24
ppc64le	tigervnc-1.12.0-15.el8_8.ppc64le.rpm	af9fbda6566e714b201f60fd7e54af0511e902c3b732abc1479a7e525e820d57
ppc64le	tigervnc-server-1.12.0-15.el8_8.ppc64le.rpm	df35371acf5483eb1b39e3d4e9b1e99233aed713fc758ed2b9e90ac297f036d2
s390x	tigervnc-server-1.12.0-15.el8_8.s390x.rpm	0dce657d14e83051505b0976ec42540bd0b5de8287eac1305e27972419d617b8
s390x	tigervnc-server-module-1.12.0-15.el8_8.s390x.rpm	4a5ad828a1d357868e9bdfcd39479c3c585251f12c713f1e6df06c05ed9ac0eb
s390x	tigervnc-1.12.0-15.el8_8.s390x.rpm	b51ef44eb4fd07c286dc42eb37c447698619310e336bd3851deb0592f616f0dd
s390x	tigervnc-server-minimal-1.12.0-15.el8_8.s390x.rpm	eaeb2bb5830f61d79cf1a2fb11b16c28d10a9a7bb1cf58f396d19dc4af928564
x86_64	tigervnc-server-module-1.12.0-15.el8_8.x86_64.rpm	146dc5853aa2ab6b2ab4c8c45c4b365836e0bdbbcb717783f368ac24512c6263
x86_64	tigervnc-1.12.0-15.el8_8.x86_64.rpm	6dec6d662f51500d94cb74ce6c04838ee530ec8b49d41a186cec2bc419983562
x86_64	tigervnc-server-1.12.0-15.el8_8.x86_64.rpm	8a4fbcd48ac301092be48d6bd8bbab7f8e873026127326d74bf691e42b3733cd
x86_64	tigervnc-server-minimal-1.12.0-15.el8_8.x86_64.rpm	98b0362881b183f1eec8dc4580731f90d283bd727ec4d0d037c1df135c41a168

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.