Download
| Alert*
oval:org.secpod.oval:def:89045213
This update for the X Window System client libraries fixes a class of privilege escalation issues. A malicious X Server could send specially crafted data to X clients, which allowed for triggering crashes, or privilege escalation if this relationship was untrusted or crossed user or permission level ... oval:org.secpod.oval:def:89045197 This update for xorg-x11-libs fixes the following issues: - insufficient validation of data from the X server can cause a one byte buffer read underrun - insufficient validation of data from the X server can cause out of boundary memory access or endless loops - insufficient validation of data fr ... oval:org.secpod.oval:def:111579 X.Org X11 libXtst runtime library oval:org.secpod.oval:def:1800174 CVE-2016-7951: Insufficient validation of server responses result in Integer overflows CVE-2016-7952: Insufficient validation of server responses result in various data mishandlings Fixed In Version libXtst 1.2.3 Reference Patch oval:org.secpod.oval:def:111411 X.Org X11 libXtst runtime library oval:org.secpod.oval:def:1800373 CVE-2016-7951: Insufficient validation of server responses result in Integer overflows CVE-2016-7952: Insufficient validation of server responses result in various data mishandlings Fixed In Version: libXtst 1.2.3. oval:org.secpod.oval:def:1901450 X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service via a reply in the XRecordStartOfData, XRecordEndOfData, or XRecordClientDied category without a client sequence and with attached data. |