UbuntuUpdates.org

Package "libx11-6-dbg"

Name: libx11-6-dbg

Description:

X11 client-side library (debug package)

Latest version: 2:1.6.2-1ubuntu2.1
Release: trusty (14.04)
Level: updates
Repository: main
Head package: libx11

Links


Download "libx11-6-dbg"


Other versions of "libx11-6-dbg" in Trusty

Repository Area Version
base main 2:1.6.2-1ubuntu2
security main 2:1.6.2-1ubuntu2.1

Changelog

Version: 2:1.6.2-1ubuntu2.1 2018-08-30 20:06:36 UTC

  libx11 (2:1.6.2-1ubuntu2.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2016-7942.patch: fix in src/GetImage.c.
    - CVE-2016-7942
  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2016-7943.patch: fix in src/FontNames.c,
      src/ListExt.c, src/ModMap.c.
    - CVE-2016-7943
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-14598.patch: fix in src/GetFPath.c,
      src/ListExt.c.
    - CVE-2018-14598
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-14599.patch: fix in src/FontNames.c,
      src/GetFPath.c, src/ListExt.c.
    - CVE-2018-14599
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-14600.patch: fix in src/GetFPath.
    - CVE-2018-14600

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 30 Aug 2018 10:34:11 -0300

CVE-2016-7942 The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, wh
CVE-2016-7943 The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigg
CVE-2018-14598 An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overfl
CVE-2018-14599 An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious s
CVE-2018-14600 An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resul



About   -   Send Feedback to @ubuntu_updates