UbuntuUpdates.org

Package "libxkbcommon0"

Name: libxkbcommon0

Description:

library interface to the XKB compiler - shared library

Latest version: 0.8.0-1ubuntu0.1
Release: bionic (18.04)
Level: security
Repository: main
Head package: libxkbcommon
Homepage: http://www.xkbcommon.org/

Links


Download "libxkbcommon0"


Other versions of "libxkbcommon0" in Bionic

Repository Area Version
base main 0.8.0-1
updates main 0.8.2-1~ubuntu18.04.1

Changelog

Version: 0.8.0-1ubuntu0.1 2018-11-06 16:06:52 UTC

  libxkbcommon (0.8.0-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15853.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15853
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15854.patch: fix in
      src/xkbcomp/ast-build.c, src/xkbcomp/ast-build.h,
      src/xkbcomp/ast.h, src/xkbcomp/parser.y.
    - CVE-2018-15854
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15855.patch: fix in
      src/xkbcomp/keymap.c, src/xkbcomp/parser.y.
    - CVE-2018-15855
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15856.patch: fix in src/compose/parser.c.
    - CVE-2018-15856
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15857.patch: fix in src/xkbcomp/ast-build.c.
    - CVE-2018-15857
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15858.patch: fix in src/xkbcomp/keycodes.c.
    - CVE-2018-15858
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15859.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15859
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15861.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15861
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15862.patch: fix in src/xkbcomp/expr.c.
    - CVE-2018-15862
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15863.patch: fix in src/xkbcomp/compat.c.
    - CVE-2018-15863
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-15864.patch: fix in src/xkbcomp/parser.y.
    - CVE-2018-15864

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 06 Nov 2018 08:36:17 -0300

CVE-2018-15853 Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon user
CVE-2018-15854 Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by s
CVE-2018-15855 Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by s
CVE-2018-15856 An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attacker
CVE-2018-15857 An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon key
CVE-2018-15858 Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by
CVE-2018-15859 Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attacker
CVE-2018-15861 Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer de
CVE-2018-15862 Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer der
CVE-2018-15863 Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NUL
CVE-2018-15864 Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer



About   -   Send Feedback to @ubuntu_updates