ALSA-2024:3261

[ALSA-2024:3261] Important: tigervnc security update

Type:

security

Severity:

important

Release date:

2024-05-29

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080)
* xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice (CVE-2024-31081)
* xorg-x11-server: Use-after-free in ProcRenderAddGlyphs (CVE-2024-31083)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	tigervnc-server-module-1.13.1-10.el8_10.aarch64.rpm	14322cc30a074d8cef8e6027f0641e2adf92d155d21bf78927b20cc2e36a90ae
aarch64	tigervnc-server-minimal-1.13.1-10.el8_10.aarch64.rpm	28b15a472afa2a048c26756ca7ff0463aa10b03416a3ff1ea44c95bc668cc6f7
aarch64	tigervnc-server-1.13.1-10.el8_10.aarch64.rpm	38929aa79cfbd9a91a16dfc357726c615921b9bdc1c775953173a6b8293ca908
aarch64	tigervnc-1.13.1-10.el8_10.aarch64.rpm	b120f79958302ba0d83001144aa219a3ad7293f924476284be589e4bc3cc3779
noarch	tigervnc-icons-1.13.1-10.el8_10.noarch.rpm	29bab73157ea600472fec725aeef74127d9a8f11bd48357a91aadd405f6ec61f
noarch	tigervnc-selinux-1.13.1-10.el8_10.noarch.rpm	409616efd6fe42f3d743bd5fadfc160eac43167c7856f6fbe1349babea3d14c9
noarch	tigervnc-license-1.13.1-10.el8_10.noarch.rpm	598b4cfdcd915c8fd4f4ccf80e58ba708651b0e4401d7e2e6f3c774e45dc4e3c
ppc64le	tigervnc-server-minimal-1.13.1-10.el8_10.ppc64le.rpm	22802a1c5d4e5a60c68770ec3fd9783a87168b6e69a3f51cb5da9a1939bf6b9b
ppc64le	tigervnc-1.13.1-10.el8_10.ppc64le.rpm	6a36d0c82cb4e9ff9ba6e083a53d8d4679df98d20fcef0c04f1321b24052d5cc
ppc64le	tigervnc-server-module-1.13.1-10.el8_10.ppc64le.rpm	916345990fd6d061a1671c813c49e23d1d29c0eb00b33d8d9042e1d83bd15583
ppc64le	tigervnc-server-1.13.1-10.el8_10.ppc64le.rpm	eba0d63d072a1bfa08516ee79dbefce4252f24191e21db30fd7e14e8486f54c3
s390x	tigervnc-server-module-1.13.1-10.el8_10.s390x.rpm	235b8daf2e00c13434f749d47be9f56f1aca2bf41d7b41876a73b40b535bbf1d
s390x	tigervnc-server-minimal-1.13.1-10.el8_10.s390x.rpm	911d84aa7bf68328c269be1c34ec3cbac981400f7d676c4960352d5e4c67b103
s390x	tigervnc-1.13.1-10.el8_10.s390x.rpm	b78f8349947e1273fab5109170b2ee64485bde442311f3f9677ee935f78ea584
s390x	tigervnc-server-1.13.1-10.el8_10.s390x.rpm	ba6dcbedc981701582d5ce8978513c5061846eea32485ded37e910b021047829
x86_64	tigervnc-server-module-1.13.1-10.el8_10.x86_64.rpm	7c703927b4a488384d91c21a20598d6d37536a7c15a6726d697f6a9037d5f0e8
x86_64	tigervnc-1.13.1-10.el8_10.x86_64.rpm	9ac0d6cbcdbe76d9c223bb28116e5b186fa0e70f3d0af91edd690392d71e5653
x86_64	tigervnc-server-1.13.1-10.el8_10.x86_64.rpm	ae0f3ff660eb1e18801e7b2e1be0fb2bddbdd20c28d82b33d50b56717a87b556
x86_64	tigervnc-server-minimal-1.13.1-10.el8_10.x86_64.rpm	d07a1b04e1cd19d4385dc2f1416095dc1ed3ddebae8a0b6a19db57836f4e6e26

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.