ALSA-2024:0010

[ALSA-2024:0010] Important: tigervnc security update

Type:

security

Severity:

important

Release date:

2024-01-03

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)
* xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
* xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	tigervnc-server-minimal-1.13.1-3.el9_3.3.alma.1.aarch64.rpm	1a13b24be33bace5ad9f20da22ae391edd4bd95e4d908fc06c6e56dfcaff7398
aarch64	tigervnc-server-module-1.13.1-3.el9_3.3.alma.1.aarch64.rpm	20e4549dd959284cadc996a4e90d965c03890edf93e985e1529a017f82b54b87
aarch64	tigervnc-1.13.1-3.el9_3.3.alma.1.aarch64.rpm	2213b3427395769f98e02c9cc47e99eabc09266564c9ec5c567df6fb2519f595
aarch64	tigervnc-server-1.13.1-3.el9_3.3.alma.1.aarch64.rpm	db77ffec79a1e3b82cd269dc6af94af266b2a5a67daef9719b975bb7616abfb2
noarch	tigervnc-license-1.13.1-3.el9_3.3.alma.1.noarch.rpm	24e7c7b936310a7431a75cd4667a29a921adf4498d6b590d9d39f8bfc6b04e4d
noarch	tigervnc-icons-1.13.1-3.el9_3.3.alma.1.noarch.rpm	3a9e687b068bc354e443cf57ab3543461ec41d8cb40b8746dd3c3582b55ca406
noarch	tigervnc-selinux-1.13.1-3.el9_3.3.alma.1.noarch.rpm	ff518f13e65a4aca8f744ae459296109897598014a61b9acfb792901d7f37af7
ppc64le	tigervnc-server-minimal-1.13.1-3.el9_3.3.alma.1.ppc64le.rpm	108a58a838295bfb7f06965274bf20b21a76f40bb369005fda3ccad591b4e74e
ppc64le	tigervnc-1.13.1-3.el9_3.3.alma.1.ppc64le.rpm	22d5313b07652f10960dd6348803efc722ea41c56d45f58d9bb5081e8aad15a5
ppc64le	tigervnc-server-module-1.13.1-3.el9_3.3.alma.1.ppc64le.rpm	9247d47a335e2ad5a85451a68e541a5209234d6618c3301c704c8d96c2746fbd
ppc64le	tigervnc-server-1.13.1-3.el9_3.3.alma.1.ppc64le.rpm	9d639ff15e67755a005941668cedaae204cdee3b0059ee6411c7bb9ebfee0fdd
s390x	tigervnc-server-module-1.13.1-3.el9_3.3.alma.1.s390x.rpm	24430a8537d7b994f88520239d1b932eadba811b109399893a8cbfae5d10d213
s390x	tigervnc-server-1.13.1-3.el9_3.3.alma.1.s390x.rpm	6666f3ead3262d4e1fe03f04afd01bbc9a09885b57e1a7e5cb0dd840e45c1f65
s390x	tigervnc-1.13.1-3.el9_3.3.alma.1.s390x.rpm	9ccc182315dfc34d5a11b5fea2179cf96237a98038c069f88e8e2c9a5ab4db48
s390x	tigervnc-server-minimal-1.13.1-3.el9_3.3.alma.1.s390x.rpm	d031d1345a831a91338dd165a0989e3ee59a92419a41998506e985820283d608
x86_64	tigervnc-server-module-1.13.1-3.el9_3.3.alma.1.x86_64.rpm	9b97878d507e9efc30ed97c6fdab5ebcd27a11418765c79f5914033d5bbad642
x86_64	tigervnc-1.13.1-3.el9_3.3.alma.1.x86_64.rpm	9ed29f62f9997d7cd2323f1142e1b6ec12d5429650e5bf614acfcf0a2325893e
x86_64	tigervnc-server-minimal-1.13.1-3.el9_3.3.alma.1.x86_64.rpm	be85686d13303788cd8799efb3c3e891717591e50bd659c8ce0ca02cc0f40b09
x86_64	tigervnc-server-1.13.1-3.el9_3.3.alma.1.x86_64.rpm	f9ceef9b348942adb5aec11ea78deef2fa48a76cadc537f059eb0649ed6ca728

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.