ALSA-2024:2037

[ALSA-2024:2037] Important: tigervnc security update

Type:

security

Severity:

important

Release date:

2024-04-29

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080)
* xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice (CVE-2024-31081)
* xorg-x11-server: User-after-free in ProcRenderAddGlyphs (CVE-2024-31083)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	tigervnc-1.13.1-2.el8_9.10.alma.1.aarch64.rpm	2a8eb9dc6d208bbddec2f9a1b4915c2d6f6acd4874dc113ae25baf5a433aeb4d
aarch64	tigervnc-server-1.13.1-2.el8_9.10.alma.1.aarch64.rpm	2e40415019957c5742625e5fb71ba699866e19c1e35a1a12c812fc7361ccfda0
aarch64	tigervnc-server-minimal-1.13.1-2.el8_9.10.alma.1.aarch64.rpm	aa1795755281e368e67f16d34a3fc06866a4601e2aa98bd9a36ac21d04e8e53c
aarch64	tigervnc-server-module-1.13.1-2.el8_9.10.alma.1.aarch64.rpm	db26520057ea22455fbc2c0af90af925e29e956e8d872a6f729aac450c8a2775
noarch	tigervnc-selinux-1.13.1-2.el8_9.10.alma.1.noarch.rpm	9cf25d5c5f0da947736b27d04b2dcfae5a5a4428aaee91dc8e2edf7cc89c0b48
noarch	tigervnc-license-1.13.1-2.el8_9.10.alma.1.noarch.rpm	b1c7e094ca741d1c8bb9ae99d575d4f7c53789a7fc57b8103b4c82b0f21046e8
noarch	tigervnc-icons-1.13.1-2.el8_9.10.alma.1.noarch.rpm	b33666864b293f35db2b9980fb783cb4cfdfd28685c545a127b82448f86601a2
ppc64le	tigervnc-1.13.1-2.el8_9.10.alma.1.ppc64le.rpm	38dbdfbc85d16e01492a55b1ad64b960397fba12c957712663a6f4e2b84e387c
ppc64le	tigervnc-server-module-1.13.1-2.el8_9.10.alma.1.ppc64le.rpm	38feb9e3f437415a1533fc5aa54a982805798ca2eaeb35918cd2e9c2340aa8ab
ppc64le	tigervnc-server-1.13.1-2.el8_9.10.alma.1.ppc64le.rpm	93902f41fa9eec40102ce9a0ef1d4dbf6dc1742e09e81d78bd80439061a466ad
ppc64le	tigervnc-server-minimal-1.13.1-2.el8_9.10.alma.1.ppc64le.rpm	af2f96698cdab49fc3196e59bfa6d07b32ce5caeb50414f1d8ae2f68e165efd3
s390x	tigervnc-server-module-1.13.1-2.el8_9.10.alma.1.s390x.rpm	063b4d82444c319d1ad1d4f99668dc1d79bc24f282a1b19e4f509ee7094365c1
s390x	tigervnc-server-minimal-1.13.1-2.el8_9.10.alma.1.s390x.rpm	8577e289179f647554135452db05ddacce9773b17926ae12c1675309edea1e26
s390x	tigervnc-1.13.1-2.el8_9.10.alma.1.s390x.rpm	b4bbcdf39d391504091cf27ee991419f752a3cc59cfa1baae392c8243810461e
s390x	tigervnc-server-1.13.1-2.el8_9.10.alma.1.s390x.rpm	fd9888892d524697871c0ff28bc8da050448d2e58305ef8538874bdd70c26e0a
x86_64	tigervnc-server-minimal-1.13.1-2.el8_9.10.alma.1.x86_64.rpm	70cd719296544a3772bf4a21065fda3a99010168376737c9217e8c27a12b2500
x86_64	tigervnc-server-1.13.1-2.el8_9.10.alma.1.x86_64.rpm	71e8e32c02453bf710db3b7103a8ca42e55d7ed4946d1571c991fbc2de8468f9
x86_64	tigervnc-server-module-1.13.1-2.el8_9.10.alma.1.x86_64.rpm	e90c763510e81c8d4e5ab584a821e41c9a8105f00596efd2874f0136f30c5d41
x86_64	tigervnc-1.13.1-2.el8_9.10.alma.1.x86_64.rpm	ec95b4880db659fd13d9baf061198370ac5e6a1eff1e553f6b5f00fdf919918d

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.