[ALSA-2025:9392] Important: tigervnc security update
Type:
security
Severity:
important
Release date:
2025-07-03
Description:
Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Security Fix(es): * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors (CVE-2025-49175) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension (CVE-2025-49176) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore (CVE-2025-49178) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension (CVE-2025-49179) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension (CVE-2025-49180) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 tigervnc-server-1.15.0-7.el8_10.aarch64.rpm 02a2db095602fc2747fad6410d55553b0a62343f2988fd6f4068187020489af4
aarch64 tigervnc-server-module-1.15.0-7.el8_10.aarch64.rpm 067780c2132ae2819a7ce7a67128f59a377661214ebc3f69b390e1033c4435dd
aarch64 tigervnc-1.15.0-7.el8_10.aarch64.rpm 3abe08b1a0dc81f1fa42385b89a9878df80a965ac2ac84850b3478ff38d75301
aarch64 tigervnc-server-minimal-1.15.0-7.el8_10.aarch64.rpm 9515ed289c40fe9843151dae0202280dfde71bb4fd7d95bfa9f99da9b9229bb3
noarch tigervnc-selinux-1.15.0-7.el8_10.noarch.rpm 94e5261f745334ef10f02f40c51932b0872bee49cdfacb3e96e0a373e1bf8097
noarch tigervnc-license-1.15.0-7.el8_10.noarch.rpm aab7395fe072615eba486b8a37400d00c25053e67fe12f53a267884336340c51
noarch tigervnc-icons-1.15.0-7.el8_10.noarch.rpm fcb641c782b06223bf9edd1ce3a6d1f0b8927553c2c11c2d159c1f3ecf784e3d
ppc64le tigervnc-1.15.0-7.el8_10.ppc64le.rpm 0d4664965de6e769788ffbc224661f19c586f586983c1a2c3291440473ca8170
ppc64le tigervnc-server-module-1.15.0-7.el8_10.ppc64le.rpm 2faae525ac5d73a8de970dc2aa01a48747d69050afaf856d35bf47d7de096e83
ppc64le tigervnc-server-1.15.0-7.el8_10.ppc64le.rpm a199f060b29964ea5db49cced14affa660d63c262400b653ae5a43c43c0e4e0e
ppc64le tigervnc-server-minimal-1.15.0-7.el8_10.ppc64le.rpm da34edfd5a14efb6776faa54a1704385a892ebe53120f63541a0e657316bc86f
s390x tigervnc-server-module-1.15.0-7.el8_10.s390x.rpm 97b988b7f97ca1a562d8690d8fa5e3e40190ee72bc2f61180dacb20c25add30d
s390x tigervnc-server-1.15.0-7.el8_10.s390x.rpm cdaa79b94bf252ce960f1e7e15db405fc0e96edc5e09ed73a1032b105e724f3a
s390x tigervnc-server-minimal-1.15.0-7.el8_10.s390x.rpm e6c46c29e10b022c30ec0c5ba9dee6fa881bba10b886ea5d7102e0c68809c4df
s390x tigervnc-1.15.0-7.el8_10.s390x.rpm f1e63429dd08ee863a2c5589140ee2ec22d8656e4d084b9c839cdbbd4b30a190
x86_64 tigervnc-server-1.15.0-7.el8_10.x86_64.rpm 3a09bb6d1a5f373c2c4290ffa2a20640b14602bb9cfda03d44bb63f89abc71b8
x86_64 tigervnc-server-module-1.15.0-7.el8_10.x86_64.rpm 8c5fbb37fa124fa888caf0adf33a9be07eb761cfd299eea4778b0b4c8a46a394
x86_64 tigervnc-1.15.0-7.el8_10.x86_64.rpm d824402d87d3979f78c0ed8d897f4dcab015a0fe604d478dfb23c7fc982292bb
x86_64 tigervnc-server-minimal-1.15.0-7.el8_10.x86_64.rpm ecd60940e77f63181c97419006b0983a7306e0cfe20d63dbe8477a5543060d1c
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.