UbuntuUpdates.org

Package "libxkbcommon"

Name: libxkbcommon

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • library interface to the XKB compiler - development files
  • library to create keymaps with the XKB X11 protocol
  • library to create keymaps with the XKB X11 protocol - development files
  • library interface to the XKB compiler - shared library

Latest version: 0.5.0-1ubuntu2.1
Release: xenial (16.04)
Level: security
Repository: main

Links



Other versions of "libxkbcommon" in Xenial

Repository Area Version
base main 0.5.0-1ubuntu2
updates main 0.5.0-1ubuntu2.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.5.0-1ubuntu2.1 2018-10-08 15:07:03 UTC

  libxkbcommon (0.5.0-1ubuntu2.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15853.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15853
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15854.patch: fix in
      src/xkbcomp/ast-build.c, src/xkbcomp/ast-build.h,
      src/xkbcomp/ast.h, src/xkbcomp/parser.y.
    - CVE-2018-15854
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15855.patch: fix in
      src/xkbcomp/keymap.c, src/xkbcomp/parser.y.
    - CVE-2018-15855
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15856.patch: fix in src/compose/parser.c.
    - CVE-2018-15856
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15857.patch: fix in src/xkbcomp/ast-build.c.
    - CVE-2018-15857
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15858.patch: fix in src/xkbcomp/keycodes.c.
    - CVE-2018-15858
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15859.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15859
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15861.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15861
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15862.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15862
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15863.patch: fix in src/xkbcomp/compat.c.
    - CVE-2018-15863
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15864.patch: fix in src/xkbcomp/parser.y.
    - CVE-2018-15864

 -- <email address hidden> (Leonidas S. Barbosa) Wed, 03 Oct 2018 14:39:34 -0300

CVE-2018-15853 Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon user
CVE-2018-15854 Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by s
CVE-2018-15855 Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by s
CVE-2018-15856 An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attacker
CVE-2018-15857 An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon key
CVE-2018-15858 Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by
CVE-2018-15859 Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attacker
CVE-2018-15861 Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer de
CVE-2018-15862 Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer der
CVE-2018-15863 Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NUL
CVE-2018-15864 Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer



About   -   Send Feedback to @ubuntu_updates