-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 03 Oct 2023 10:52:32 +0200
Source: libx11
Binary: libx11-data libx11-doc
Architecture: all
Version: 2:1.8.4-2+deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
Description:
 libx11-data - X11 client-side library
 libx11-doc - X11 client-side library (development documentation)
Changes:
 libx11 (2:1.8.4-2+deb12u2) bookworm-security; urgency=high
 .
   * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms()
   * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage()
   * CVE-2023-43787: integer overflow in XCreateImage() leading to a heap overflow
   * XPutImage: clip images to maximum height & width allowed by protocol
   * XCreatePixmap: trigger BadValue error for out-of-range dimensions
Checksums-Sha1:
 af3a6ad140e2cadac63689e99793e8662e092e97 291884 libx11-data_1.8.4-2+deb12u2_all.deb
 4d4c7f2c692587bc107e88598fb131a193fb0e7c 2211304 libx11-doc_1.8.4-2+deb12u2_all.deb
 6ffe5ad1032edc9b3383eb4ccc5ae4800e8271a1 6828 libx11_1.8.4-2+deb12u2_all-buildd.buildinfo
Checksums-Sha256:
 987a848aeb1c358e4186368871b0526f10bb14c6b53214ab3bf8b69abb830191 291884 libx11-data_1.8.4-2+deb12u2_all.deb
 a8a31c9473ce3068721e7a44210446672baaa4b945ed469681c4d41538c6d1ee 2211304 libx11-doc_1.8.4-2+deb12u2_all.deb
 086717004a49020523e5fdb7fec558fe06af80d91e3d03d6247d5f63df79a0dc 6828 libx11_1.8.4-2+deb12u2_all-buildd.buildinfo
Files:
 85ab85cc2396aafb5a525bac782d8ec9 291884 x11 optional libx11-data_1.8.4-2+deb12u2_all.deb
 5ceb9f30947d0b06b588f3c43c7a5521 2211304 doc optional libx11-doc_1.8.4-2+deb12u2_all.deb
 49a4947c0a76f6a4995180a914295e94 6828 x11 optional libx11_1.8.4-2+deb12u2_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEzW1K1578DQd6MDTQEbLkkg2OS0oFAmUb2wcACgkQEbLkkg2O
S0pmNBAAhRT5B3m1jzzaqmlTaH3iELBXscvG4GxsiHr0ziohRi0IF5fEbYEfUVTv
Nr7wWi5/GmkNLJnz3lW+Ds5xIuzz7kB3ceqcZYVR+B/l6Pt8s7uTUNgXISTtBUbC
CoZnalwvHWCWasdXQShJpwNhvSudd6T3pMGj7AHtW8FYKV1Mw9MYxMkSYQZLpRPi
dxlv8gVttQmwW3UM3R4/B2U2eOU7aqJN7fOG0809Avsnx/HiHOhk0OfUCxB3TvFz
5goSN6wajX1CvoCIF4CQtjp6XZ7R0K8D3kSV6MZnuq6eZo6LaXfzNbuOM+4SrN2R
oiv3wk9Df95UpCKI9FFIytYlOWrSFTAaSlHJvO1fGyaUonkNunctsapX7sYZmPCr
FAFeNqq1a0/b11NgL6ejYbGcyHxlzMLOhxiKutxtNNdP9TK1lohZXR3SI9WTgaUz
fS1ZIWa92y4NQOEEACLrc5cshB/B3+JPD3YPu2qOCkHXhZzmgQVvf3MiqBRlsFkW
cspkjriHI8iReeg6PUnEigQReCrj3SogDSEgeME+GWovJc8TFuz2P6PB3sLdMmeM
u/j2GB7uEvH/KRwSceszuPK1/bZPCP2G3P8Pgfej7XSSKsXVjx19JToWEw8XAfqh
mrQtztmQyPWbzeq0c6+tNNhW8DqOt2kKXU3wl6WM7Hfwg8gNhmY=
=UTgY
-----END PGP SIGNATURE-----