Download
| Alert*
oval:org.secpod.oval:def:89045213
This update for the X Window System client libraries fixes a class of privilege escalation issues. A malicious X Server could send specially crafted data to X clients, which allowed for triggering crashes, or privilege escalation if this relationship was untrusted or crossed user or permission level ... oval:org.secpod.oval:def:89045350 libXi was updated to fix two security issues. These security issues were fixed: - CVE-2016-7945: Integer overflows in libXI can cause out of boundary memory access or endless loops . - CVE-2016-7946: Insufficient validation of data in libXI can cause out of boundary memory access or endless loops ... oval:org.secpod.oval:def:89045197 This update for xorg-x11-libs fixes the following issues: - insufficient validation of data from the X server can cause a one byte buffer read underrun - insufficient validation of data from the X server can cause out of boundary memory access or endless loops - insufficient validation of data fr ... oval:org.secpod.oval:def:111407 X.Org X11 libXi runtime library oval:org.secpod.oval:def:1800874 CVE-2016-7945: Insufficient validation of server responses result in Integer overflows CVE-2016-7946: Insufficient validation of server responses result in various data mishandlings Affected versions libXi Fixed In Version libXi 1.7.7 oval:org.secpod.oval:def:111591 X.Org X11 libXi runtime library oval:org.secpod.oval:def:1800462 CVE-2016-7945: Insufficient validation of server responses result in Integer overflows CVE-2016-7946: Insufficient validation of server responses result in various data mishandlings Affected versions: libXi Fixed In Version: libXi 1.7.7 oval:org.secpod.oval:def:1901523 Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service via vectors involving length fields. |