ALSA-2024:2616

[ALSA-2024:2616] Important: tigervnc security update

Type:

security

Severity:

important

Release date:

2024-05-07

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080)
* xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice (CVE-2024-31081)
* xorg-x11-server: User-after-free in ProcRenderAddGlyphs (CVE-2024-31083)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	tigervnc-1.13.1-8.el9_4.3.aarch64.rpm	1981c56dccb8024d726baa607b622288d8ffa47f7413216e04fdec2b4f170842
aarch64	tigervnc-server-1.13.1-8.el9_4.3.aarch64.rpm	1cb40b2474bcfb928047d0bbd61ebfc8b19096e5c38b76a814dd16144fa70448
aarch64	tigervnc-server-minimal-1.13.1-8.el9_4.3.aarch64.rpm	635ccc19d478b3a1c948da077cbb2ce94c7e23cf5a7332c8ca24944e8b4deb25
aarch64	tigervnc-server-module-1.13.1-8.el9_4.3.aarch64.rpm	66ddcbea3bb7395a67a407935b10dfa5b71414931c410289365cc142ccbc39b7
noarch	tigervnc-selinux-1.13.1-8.el9_4.3.noarch.rpm	88652459ddee8141a01cb5d645b69d58dedb3a05a9566afcaa09e66ea70b3603
noarch	tigervnc-license-1.13.1-8.el9_4.3.noarch.rpm	a1dbfd534a994217c669b5b8951f5cc408536fc21ed62f9ff803c3f2251e6efe
noarch	tigervnc-icons-1.13.1-8.el9_4.3.noarch.rpm	a421fb125245971d1fc8ec645d9ca3e6ced04403cb7342fa35834f4b276df45e
ppc64le	tigervnc-server-1.13.1-8.el9_4.3.ppc64le.rpm	3648f7c857d86f28327c751499307505c44888be63c7b5abc60510108497a85f
ppc64le	tigervnc-server-module-1.13.1-8.el9_4.3.ppc64le.rpm	a544f3a6e79cdfd9b561f375804905e3cfc0b3669a3fe0895f6963abb7da3a55
ppc64le	tigervnc-server-minimal-1.13.1-8.el9_4.3.ppc64le.rpm	c194c45716fee5f3b7b9e799a6a11384472ac6f7ef6307a275d45ac5b9bbd2e1
ppc64le	tigervnc-1.13.1-8.el9_4.3.ppc64le.rpm	e39c3a65d0d3760f4f7dcbea43e8ff2546f4cc3738321670fcb5411af7b03384
s390x	tigervnc-server-minimal-1.13.1-8.el9_4.3.s390x.rpm	52a9f604559d6e2ba43959e344e4abe48342968ddccd4a5b529f0cbf7e77e97c
s390x	tigervnc-server-1.13.1-8.el9_4.3.s390x.rpm	6749bf2f1ade1c4319e4cd99502367a5bc7f00b403eb4ffdb58dd72c3de631b3
s390x	tigervnc-server-module-1.13.1-8.el9_4.3.s390x.rpm	df5b16866d49d917fdff14f9bd691fab9ea84f53400c0d4b2fd96c8eec6011d2
s390x	tigervnc-1.13.1-8.el9_4.3.s390x.rpm	f504ce4661c8e0294100ce83757ec6e7d4aa8738a3d81d625a04c6d21c30716b
x86_64	tigervnc-server-1.13.1-8.el9_4.3.x86_64.rpm	3912b50127788c30488ec557a7f8de805e749e240bf19df3ff65a89515e1fcb8
x86_64	tigervnc-1.13.1-8.el9_4.3.x86_64.rpm	4559b03b633c11108acc7962ff0f7ac8886b8cf1d137a691ce2c04f54e74a846
x86_64	tigervnc-server-minimal-1.13.1-8.el9_4.3.x86_64.rpm	a883f48e19451f2d7e1550c7b3ddffa41adc24253b6b466b5baee2521d91087c
x86_64	tigervnc-server-module-1.13.1-8.el9_4.3.x86_64.rpm	f38bb74d8fb019286262972f877d8cd9d22f15f0edac0891b9d9e25e1cbd75b8

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.