SUSE-SU-2017:3025-1 -- SLES xorg-x11-server, xorg-x11-XvncID: oval:org.secpod.oval:def:89044546 | Date: (C)2021-06-30 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for xorg-x11-server provides several fixes. These security issues were fixed: - CVE-2017-13723: Prevent local DoS via unusual characters in XkbAtomText and XkbStringText . - Improve the entropy when generating random data used in X.org server authorization cookies generation by using getentropy and getrandom when available - CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: Fixed unvalidated lengths in multiple extensions - CVE-2017-12183: Fixed some unvalidated lengths in the XFIXES extension. - CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: Fixed various unvalidated lengths in the XFree86-VidMode/XFree86-DGA/XFree86-DRI extensions - CVE-2017-12179: Fixed an integer overflow and unvalidated length in ProcXIBarrierReleasePointer in Xi - CVE-2017-12178: Fixed a wrong extra length check in ProcXIChangeHierarchy in Xi - CVE-2017-12177: Fixed an unvalidated variable-length request in ProcDbeGetVisualInfo - CVE-2017-12176: Fixed an unvalidated extra length in ProcEstablishConnection
Platform: |
SUSE Linux Enterprise Server 11 SP4 |
Product: |
xorg-x11-server |
xorg-x11-Xvnc |