UbuntuUpdates.org

Package "xpmutils"

Name: xpmutils

Description:

X11 pixmap utilities
Latest version: 1:3.5.12-1.1ubuntu0.1
Release: lunar (23.04)
Level: security
Repository: universe
Head package: libxpm
Homepage: https://www.x.org

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "xpmutils"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "xpmutils" in Lunar

Repository Area Version
base universe 1:3.5.12-1.1
updates universe 1:3.5.12-1.1ubuntu0.1

Changelog

Version: 1:3.5.12-1.1ubuntu0.1 2023-10-03 19:10:18 UTC

  libxpm (1:3.5.12-1.1ubuntu0.1) lunar-security; urgency=medium

  * SECURITY UPDATE: stack exhaustion from infinite recursion in
    PutSubImage() in libx11
    - d/p/0004-test-Add-test-case-for-CVE-2023-43786-stack-exhausti.patch
    - d/p/0005-Avoid-CVE-2023-43786-stack-exhaustion-in-XPutImage.patch
    - CVE-2023-43786
  * SECURITY UPDATE: integer overflow in XCreateImage() leading to a heap
    overflow in libx11
    - d/p/0006-test-Add-test-case-for-CVE-2023-43787-integer-overfl.patch
    - d/p/0007-Avoid-CVE-2023-43787-integer-overflow-in-XCreateImag.patch
    - CVE-2023-43787
  * SECURITY UPDATE: out of bounds read in XpmCreateXpmImageFromBuffer()
    - d/p/0001-Fix-CVE-2023-43788-Out-of-bounds-read-in-XpmCreateXp.patch
    - CVE-2023-43788
  * SECURITY UPDATE: out of bounds read on XPM with corrupted colormap
    - d/p/0003-Fix-CVE-2023-43789-Out-of-bounds-read-on-XPM-with-co.patch
    - CVE-2023-43789

 -- Marc Deslauriers <email address hidden> Mon, 02 Oct 2023 15:33:34 -0400
CVE-2023-43786 libX11: stack exhaustion from infinite recursion in PutSubImage()
CVE-2023-43787 ibX11: integer overflow in XCreateImage() leading to a heap overflow
CVE-2023-43788 libXpm: out of bounds read in XpmCreateXpmImageFromBuffer()
CVE-2023-43789 libXpm: out of bounds read on XPM with corrupted colormap


About   -   Send Feedback to @ubuntu_updates