UbuntuUpdates.org

Package "libxkbcommon0"

Name: libxkbcommon0

Description:

library interface to the XKB compiler - shared library
Latest version: 0.4.1-0ubuntu1.1
Release: trusty (14.04)
Level: updates
Repository: main
Head package: libxkbcommon
Homepage: http://www.xkbcommon.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libxkbcommon0"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libxkbcommon0" in Trusty

Repository Area Version
base main 0.4.1-0ubuntu1
security main 0.4.1-0ubuntu1.1
PPA: Gnome Shell 0.4.3-2~14.04~ricotz1

Changelog

Version: 0.4.1-0ubuntu1.1 2018-10-08 15:07:00 UTC

  libxkbcommon (0.4.1-0ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15853.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15853
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15854.patch: fix in
      src/xkbcomp/ast-build.c, src/xkbcomp/ast-build.h,
      src/xkbcomp/ast.h, src/xkbcomp/parser.y.
    - CVE-2018-15854
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15855.patch: fix in
      src/xkbcomp/keymap.c, src/xkbcomp/parser.y.
    - CVE-2018-15855
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15856.patch: fix in src/compose/parser.c.
    - CVE-2018-15856
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15857.patch: fix in src/xkbcomp/ast-build.c.
    - CVE-2018-15857
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15859.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15859
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15861.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15861
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15862.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15862
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15863.patch: fix in src/xkbcomp/compat.c.
    - CVE-2018-15863
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15864.patch: fix in src/xkbcomp/parser.y.
    - CVE-2018-15864

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 04 Oct 2018 15:38:49 -0300
CVE-2018-15853 Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon user
CVE-2018-15854 Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by s
CVE-2018-15855 Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by s
CVE-2018-15856 An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attacker
CVE-2018-15857 An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon key
CVE-2018-15859 Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attacker
CVE-2018-15861 Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer de
CVE-2018-15862 Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer der
CVE-2018-15863 Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NUL
CVE-2018-15864 Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer


About   -   Send Feedback to @ubuntu_updates