[ubuntu/mantic-proposed] libx11 2:1.8.6-1ubuntu1 (Accepted)

Tue Oct 3 20:20:38 UTC 2023

libx11 (2:1.8.6-1ubuntu1) mantic; urgency=medium

  * SECURITY UPDATE: out-of-bounds memory access in _XkbReadKeySyms()
    - d/p/0001-CVE-2023-43785-out-of-bounds-memory-access-in-_XkbRe.patch
    - CVE-2023-43785
  * SECURITY UPDATE: stack exhaustion from infinite recursion in
    PutSubImage()
    - d/p/0002-CVE-2023-43786-stack-exhaustion-from-infinite-recurs.patch
    - d/p/0003-XPutImage-clip-images-to-maximum-height-width-allowe.patch
    - CVE-2023-43786
  * SECURITY UPDATE: integer overflow in XCreateImage() leading to a heap
    overflow
    - d/p/0004-XCreatePixmap-trigger-BadValue-error-for-out-of-rang.patch
    - d/p/0005-CVE-2023-43787-Integer-overflow-in-XCreateImage-lead.patch
    - CVE-2023-43787

Date: Tue, 03 Oct 2023 14:28:30 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/libx11/2:1.8.6-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 03 Oct 2023 14:28:30 -0400
Source: libx11
Built-For-Profiles: noudeb
Architecture: source
Version: 2:1.8.6-1ubuntu1
Distribution: mantic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 libx11 (2:1.8.6-1ubuntu1) mantic; urgency=medium
 .
   * SECURITY UPDATE: out-of-bounds memory access in _XkbReadKeySyms()
     - d/p/0001-CVE-2023-43785-out-of-bounds-memory-access-in-_XkbRe.patch
     - CVE-2023-43785
   * SECURITY UPDATE: stack exhaustion from infinite recursion in
     PutSubImage()
     - d/p/0002-CVE-2023-43786-stack-exhaustion-from-infinite-recurs.patch
     - d/p/0003-XPutImage-clip-images-to-maximum-height-width-allowe.patch
     - CVE-2023-43786
   * SECURITY UPDATE: integer overflow in XCreateImage() leading to a heap
     overflow
     - d/p/0004-XCreatePixmap-trigger-BadValue-error-for-out-of-rang.patch
     - d/p/0005-CVE-2023-43787-Integer-overflow-in-XCreateImage-lead.patch
     - CVE-2023-43787
Checksums-Sha1:
 d33d07e210054d7dda7954cb0477819e8a03ed25 2587 libx11_1.8.6-1ubuntu1.dsc
 4a5c9c3197843a59c5d75ed77e2bfcd79add31eb 77714 libx11_1.8.6-1ubuntu1.diff.gz
 d747088832b2c0f29f468cabd9faf5623fad1e30 6762 libx11_1.8.6-1ubuntu1_source.buildinfo
Checksums-Sha256:
 02681f6864170fe697c73806117a8089208ae6795f6866512e6a00d85c272aae 2587 libx11_1.8.6-1ubuntu1.dsc
 6398e334d73f5135bd5dc51857f8c2b93e9853a5600a370d949ca2e333b21018 77714 libx11_1.8.6-1ubuntu1.diff.gz
 256454f167393089914cff791ccf35e19dfde31fc20615d6ee6d9e346202bcb6 6762 libx11_1.8.6-1ubuntu1_source.buildinfo
Files:
 5da96d93456c2984f0a1b78d0d1fcb37 2587 x11 optional libx11_1.8.6-1ubuntu1.dsc
 095411a3cf73fc5761fe6bbdd6085a55 77714 x11 optional libx11_1.8.6-1ubuntu1.diff.gz
 e4162e4a1a73425a598bbf009d26aa31 6762 x11 optional libx11_1.8.6-1ubuntu1_source.buildinfo
Original-Maintainer: Debian X Strike Force <debian-x at lists.debian.org>