UbuntuUpdates.org

Package "libxkbcommon"

Name: libxkbcommon

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • library interface to the XKB compiler - development files
  • library interface to the XKB compiler - documentation
  • library to create keymaps with the XKB X11 protocol
  • library to create keymaps with the XKB X11 protocol - development files

Latest version: 0.8.2-1~ubuntu18.04.1
Release: bionic (18.04)
Level: updates
Repository: main

Links



Other versions of "libxkbcommon" in Bionic

Repository Area Version
base main 0.8.0-1
security main 0.8.0-1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.8.2-1~ubuntu18.04.1 2019-10-21 16:07:02 UTC

  libxkbcommon (0.8.2-1~ubuntu18.04.1) bionic; urgency=medium

  * Backport to bionic
    - sync with upstream, drop CVE patches
    - sync packaging, mark -dev packages M-A: same (LP: #1772512)

Source diff to previous version
1772512 Unable to install i386 and amd64 arch at the same time

Version: 0.8.0-1ubuntu0.1 2018-11-06 16:06:53 UTC

  libxkbcommon (0.8.0-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15853.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15853
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15854.patch: fix in
      src/xkbcomp/ast-build.c, src/xkbcomp/ast-build.h,
      src/xkbcomp/ast.h, src/xkbcomp/parser.y.
    - CVE-2018-15854
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15855.patch: fix in
      src/xkbcomp/keymap.c, src/xkbcomp/parser.y.
    - CVE-2018-15855
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15856.patch: fix in src/compose/parser.c.
    - CVE-2018-15856
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15857.patch: fix in src/xkbcomp/ast-build.c.
    - CVE-2018-15857
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15858.patch: fix in src/xkbcomp/keycodes.c.
    - CVE-2018-15858
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15859.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15859
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15861.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15861
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15862.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15862
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15863.patch: fix in src/xkbcomp/compat.c.
    - CVE-2018-15863
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15864.patch: fix in src/xkbcomp/parser.y.
    - CVE-2018-15864

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 06 Nov 2018 08:36:17 -0300

CVE-2018-15853 Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon user
CVE-2018-15854 Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by s
CVE-2018-15855 Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by s
CVE-2018-15856 An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attacker
CVE-2018-15857 An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon key
CVE-2018-15858 Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by
CVE-2018-15859 Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attacker
CVE-2018-15861 Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer de
CVE-2018-15862 Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer der
CVE-2018-15863 Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NUL
CVE-2018-15864 Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer



About   -   Send Feedback to @ubuntu_updates