drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in libxkbcommon
Name: |
Mangelnde Rechteprüfung in libxkbcommon |
|
ID: |
FEDORA-2018-11ed8d95e2 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 27 |
|
Datum: |
So, 30. September 2018, 02:08 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15853 |
|
Applikationen: |
X11 |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2018-11ed8d95e2 2018-09-29 23:56:16.096133 ------------------------------------------------------------------------------- -
Name : libxkbcommon Product : Fedora 27 Version : 0.8.2 Release : 1.fc27 URL : http://www.x.org Summary : X.Org X11 XKB parsing library Description : libxkbcommon is the X.Org library for compiling XKB maps into formats usable by the X Server or other display servers.
------------------------------------------------------------------------------- - Update Information:
libxkbcommon 0.8.2, CVE-2018-15853 through to 15864. These fix a number of memory handling issues with xkbcommon. Together with the keymap FD handling in various Wayland compositors (keymaps could be mapped rw and clients could thus replace the content) libxkbcommon's memory issues could serve as attack vector to gain access to another client. The update to 0.8.2 is a lot easier and safer than backporting all patches, given the number of other fixes not (yet?) assigned a CVE. ------------------------------------------------------------------------------- - ChangeLog:
* Mon Aug 6 2018 Peter Hutterer <peter.hutterer@redhat.com> 0.8.2-1 - libxkbcommon 0.8.2 * Tue Jul 31 2018 Florian Weimer <fweimer@redhat.com> - 0.8.0-6 - Rebuild with fixed binutils * Mon Jul 30 2018 Peter Hutterer <peter.hutterer@redhat.com> 0.8.0-5 - Fix invalid pointer passed to FreeStmt() * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Feb 7 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Sat Feb 3 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 0.8.0-2 - Switch to %ldconfig_scriptlets * Tue Dec 19 2017 Peter Hutterer <peter.hutterer@redhat.com> 0.8.0-1 - libxkbcommon 0.8.0 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-11ed8d95e2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
|
|
|
|