Download
| Alert*
|
oval:org.secpod.oval:def:89045213
This update for the X Window System client libraries fixes a class of privilege escalation issues. A malicious X Server could send specially crafted data to X clients, which allowed for triggering crashes, or privilege escalation if this relationship was untrusted or crossed user or permission level ... oval:org.secpod.oval:def:89045134 This update for xorg-x11-libXv fixes the following issues: - insufficient validation of data from the X server can cause memory corruption oval:org.secpod.oval:def:1800807 Insufficient validation of data from the X server can cause out of boundary memory and memory corruption. Affected versions libXv Fixed In Version libXv 1.0.11 oval:org.secpod.oval:def:111415 X.Org X11 libXv runtime library oval:org.secpod.oval:def:111572 X.Org X11 libXv runtime library oval:org.secpod.oval:def:1800335 Insufficient validation of data from the X server can cause out of boundary memory and memory corruption. Affected versions: libXv Fixed In Version: libXv 1.0.11 oval:org.secpod.oval:def:1900569 The XvQueryAdaptors and XvQueryEncodings functions in X.org libxv-dev before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data. |
