ALSA-2025:19909

[ALSA-2025:19909] Important: tigervnc security update

Type:

security

Severity:

important

Release date:

2025-11-07

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.  

Security Fix(es):  

  * xorg: xmayland: Use-after-free in XPresentNotify structure creation (CVE-2025-62229)
  * xorg: xwayland: Use-after-free in Xkb client resource removal (CVE-2025-62230)
  * xorg: xmayland: Value overflow in XkbSetCompatMap() (CVE-2025-62231)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	tigervnc-1.15.0-8.el8_10.aarch64.rpm	1a0e97e63d8f2105d12237b78f7db9fc1b224baed036d6ed81556cd6e1843ca0
aarch64	tigervnc-server-minimal-1.15.0-8.el8_10.aarch64.rpm	1eec1002ae734e97729111ad3bb124c981fe8e6bfcd8c41cb76c872bef787fbd
aarch64	tigervnc-server-module-1.15.0-8.el8_10.aarch64.rpm	88d6e4edd3dcabfb77f34a596c078d0251681c0efb924013790346925b990c54
aarch64	tigervnc-server-1.15.0-8.el8_10.aarch64.rpm	a81c9a47c0e825a14c8be4193d88e2675c21dcc8c33bbf511ea764fbc5a241eb
noarch	tigervnc-icons-1.15.0-8.el8_10.noarch.rpm	6365df2d3030f33bbeb3edb38de2a46c009646e6b3e9c2361f24ce8e19476cca
noarch	tigervnc-license-1.15.0-8.el8_10.noarch.rpm	63f976f51acf87d2f2cb4106b462077349965da7a7f5c5362cf5d94173bb6569
noarch	tigervnc-selinux-1.15.0-8.el8_10.noarch.rpm	99f98b2268baa552cf015f6d1f98797715a793e35865322596b47d2d71605380
ppc64le	tigervnc-server-module-1.15.0-8.el8_10.ppc64le.rpm	25fa7799c01b4c12cf75ac4b461db64f679f97c4a97d55f140b92540409bcd34
ppc64le	tigervnc-server-1.15.0-8.el8_10.ppc64le.rpm	647433d4d5c61de31e90973fdd2de94419d9d23b1e32c038fb20b72067b2817e
ppc64le	tigervnc-1.15.0-8.el8_10.ppc64le.rpm	97f027ea35e3cdcefb9deb320f1715a97c72d9f8d51ea03b8f31a5045ce0c032
ppc64le	tigervnc-server-minimal-1.15.0-8.el8_10.ppc64le.rpm	eb3076abc5690054bdb8ec9c398a4cf8fc63f8e2933fd860a4e111b6dba8a1d9
s390x	tigervnc-server-1.15.0-8.el8_10.s390x.rpm	063f304f8583c7f2f6769f3a5922a1f4cbeff4be35363e06632ce3d3a12e415e
s390x	tigervnc-server-minimal-1.15.0-8.el8_10.s390x.rpm	55a4a743352aa86f0aef1ddbf2e80ccb6e6bb337a9c20b4ff11993aa9c574dd1
s390x	tigervnc-server-module-1.15.0-8.el8_10.s390x.rpm	a6bb8e2f4083c45ad78b4b662e42bcef461c8d4e298a8ed2d28c4815535357a8
s390x	tigervnc-1.15.0-8.el8_10.s390x.rpm	ed390c083ea5b08b1511132bc83a348f5944e15da71aa3139d4e74043b47f184
x86_64	tigervnc-server-1.15.0-8.el8_10.x86_64.rpm	2bd7fcabc17046c9cd0316602cf09460b895d197983fc7739aa718241a65d09c
x86_64	tigervnc-server-module-1.15.0-8.el8_10.x86_64.rpm	32b5c4b4ec186bc7e7df212ab240496f857425866e65696ab025bd217a032728
x86_64	tigervnc-1.15.0-8.el8_10.x86_64.rpm	db717ca81bfaad15dbe9473123b5dcd06e7021ee57f7d5ca063935dcd03f2abf
x86_64	tigervnc-server-minimal-1.15.0-8.el8_10.x86_64.rpm	dc3ba4646bfd46a5854414a7088af72cb022952ec9d65674eded2435f51202ec

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.