Package "libx11-xcb1"
| Name: |
libx11-xcb1
|
Description: |
Xlib/XCB interface library
|
| Latest version: |
2:1.6.4-3ubuntu0.4 |
| Release: |
bionic (18.04) |
| Level: |
updates |
| Repository: |
main |
| Head package: |
libx11 |
Links
Download "libx11-xcb1"
Other versions of "libx11-xcb1" in Bionic
Changelog
|
libx11 (2:1.6.4-3ubuntu0.4) bionic-security; urgency=medium
* SECURITY UPDATE: extra X protocol requests via unchecked string lengths
- debian/patches/CVE-2021-31535.patch: reject strings longer than
USHRT_MAX before sending them on the wire in src/Font.c,
src/FontInfo.c, src/FontNames.c, src/GetColor.c, src/LoadFont.c,
src/LookupCol.c, src/ParseCol.c, src/QuExt.c, src/SetFPath.c,
src/SetHints.c, src/StNColor.c, src/StName.c .
- CVE-2021-31535
-- Marc Deslauriers <email address hidden> Wed, 19 May 2021 13:07:50 -0400
|
| Source diff to previous version |
|
libx11 (2:1.6.4-3ubuntu0.3) bionic-security; urgency=medium
* SECURITY UPDATE: integer overflow and heap overflow in XIM client
- debian/patches/CVE-2020-14344-1.patch: fix signed length values in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-2.patch: fix integer overflows in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-3.patch: fix more unchecked lengths in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-4.patch: zero out buffers in functions
in modules/im/ximcp/imDefIc.c, modules/im/ximcp/imDefIm.c.
- debian/patches/CVE-2020-14344-5.patch: change the data_len parameter
to CARD16 in modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-6.patch: fix size calculation in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-7.patch: fix input clients connecting
to server in modules/im/ximcp/imRmAttr.c.
- CVE-2020-14344
* SECURITY UPDATE: integer overflow and double free in locale handling
- debian/patches/CVE-2020-14363.patch: fix an integer overflow in
modules/om/generic/omGeneric.c.
- CVE-2020-14363
-- Marc Deslauriers <email address hidden> Mon, 31 Aug 2020 12:10:10 -0400
|
| Source diff to previous version |
| CVE-2020-14344 |
An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. A |
| CVE-2020-14363 |
Double free in libX11 locale handling code |
|
|
libx11 (2:1.6.4-3ubuntu0.2) bionic; urgency=medium
* call-poll-for-event-again.diff: Fix constant video freezes on
firefox with amdgpu. (LP: #1815125)
-- Timo Aaltonen <email address hidden> Thu, 07 Feb 2019 22:04:25 +0200
|
| Source diff to previous version |
| 1815125 |
constant video freezes in firefox with x-x-v-amdgpu 18.1.0 |
|
|
libx11 (2:1.6.4-3ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-14598.patch: fix in src/GetFPath.c,
src/ListExt.c.
- CVE-2018-14598
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-14599.patch: fix in src/FontNames.c,
src/GetFPath.c, src/ListExt.c.
- CVE-2018-14599
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-14600.patch: fix in src/GetFPath.
- CVE-2018-14600
-- <email address hidden> (Leonidas S. Barbosa) Wed, 29 Aug 2018 15:18:18 -0300
|
| CVE-2018-14598 |
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overfl |
| CVE-2018-14599 |
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious s |
| CVE-2018-14600 |
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resul |
|
About
-
Send Feedback to @ubuntu_updates
