-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 10:52:32 +0200 Source: libx11 Binary: libx11-6 libx11-6-dbgsym libx11-6-udeb libx11-dev libx11-xcb-dev libx11-xcb1 libx11-xcb1-dbgsym Architecture: arm64 Version: 2:1.8.4-2+deb12u2 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-ubc-02) Changed-By: Julien Cristau Description: libx11-6 - X11 client-side library libx11-6-udeb - X11 client-side library (udeb) libx11-dev - X11 client-side library (development headers) libx11-xcb-dev - Xlib/XCB interface library (development headers) libx11-xcb1 - Xlib/XCB interface library Changes: libx11 (2:1.8.4-2+deb12u2) bookworm-security; urgency=high . * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms() * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage() * CVE-2023-43787: integer overflow in XCreateImage() leading to a heap overflow * XPutImage: clip images to maximum height & width allowed by protocol * XCreatePixmap: trigger BadValue error for out-of-range dimensions Checksums-Sha1: 3df030163dec22b0512a88ba6e58f066ca3495bd 1112988 libx11-6-dbgsym_1.8.4-2+deb12u2_arm64.deb 3170e0c4f8fec4069efd300b6a968300e60cc58b 547168 libx11-6-udeb_1.8.4-2+deb12u2_arm64.udeb 01e76f5cb6801c08507156b5fc51ca68bd1f1dcb 735284 libx11-6_1.8.4-2+deb12u2_arm64.deb 92b6217f695831a1881ba4a9ba803e3af8dabe61 817724 libx11-dev_1.8.4-2+deb12u2_arm64.deb b6fc13166a843bcea5f4540019540258e6bc7a43 194596 libx11-xcb-dev_1.8.4-2+deb12u2_arm64.deb 4ef4daecdfce59f77e9faf9cd21103c414b5a8f9 16952 libx11-xcb1-dbgsym_1.8.4-2+deb12u2_arm64.deb eca77d6ddcbf999633909921b310281615b6384e 192472 libx11-xcb1_1.8.4-2+deb12u2_arm64.deb 3c326ea2f128f0265279a6f192567a491a98fcb6 7994 libx11_1.8.4-2+deb12u2_arm64-buildd.buildinfo Checksums-Sha256: 019da8bc6f25e118faa8690a9dc8b5cf4da5d06deeb804492c0e6db7103d6c89 1112988 libx11-6-dbgsym_1.8.4-2+deb12u2_arm64.deb ab9d90a2e7632b37f8099f28fd0ab876b4b781d4e5fff49598d5947e0e79d95f 547168 libx11-6-udeb_1.8.4-2+deb12u2_arm64.udeb d1d533e983582282a9ea82c87ac5ce715a9b67bd6d1acbd2439a11c63c36549b 735284 libx11-6_1.8.4-2+deb12u2_arm64.deb 34bfc833561de983cfb4475523fedc13abb4faee14a876300de659591779add8 817724 libx11-dev_1.8.4-2+deb12u2_arm64.deb 72433ed28bbff06d679f68339de1ba7ff0c8db0fba89ef717505716d3c70d841 194596 libx11-xcb-dev_1.8.4-2+deb12u2_arm64.deb 26d7204893342dc68113614ead5db0dd73077f7dcf3ce174d584f1741641cc24 16952 libx11-xcb1-dbgsym_1.8.4-2+deb12u2_arm64.deb 21c7e6f19909bb1e02bb3c2089789791858c54d37e86cef9d7872782c1cb711e 192472 libx11-xcb1_1.8.4-2+deb12u2_arm64.deb 9604cf48d54139ace2b43448b08e11c4b274e415f677ee867ee6d67af804b371 7994 libx11_1.8.4-2+deb12u2_arm64-buildd.buildinfo Files: 4346556bcb3834f2617dc838c87179d6 1112988 debug optional libx11-6-dbgsym_1.8.4-2+deb12u2_arm64.deb 4eabc90d71950e53d13c6ba4bbc226b1 547168 debian-installer optional libx11-6-udeb_1.8.4-2+deb12u2_arm64.udeb f0ce81196bc7ef63e9b1bf002acdbeab 735284 libs optional libx11-6_1.8.4-2+deb12u2_arm64.deb 040c9d0715a260f83af73748869f7d3d 817724 libdevel optional libx11-dev_1.8.4-2+deb12u2_arm64.deb c08147e7f2d17a1bc26b8d7bbd765509 194596 libdevel optional libx11-xcb-dev_1.8.4-2+deb12u2_arm64.deb bf86a22797340dfbe0ca69978d5b2454 16952 debug optional libx11-xcb1-dbgsym_1.8.4-2+deb12u2_arm64.deb c48d422a08cfddf18443e9de7b05f92c 192472 libs optional libx11-xcb1_1.8.4-2+deb12u2_arm64.deb d200d283da812bf65093026e0425ab07 7994 x11 optional libx11_1.8.4-2+deb12u2_arm64-buildd.buildinfo Package-Type: udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEuIolmszDbgxUhBbrMZO3llZhjs8FAmUb2z0ACgkQMZO3llZh js/2SQ/+LXAa4ucXF7wMEM+FoKdSz4uaqVZZQukISblRGyHQFDNHwptOX4p8vMzU NLrq5+XJgb1QScwzDVKfq3Dva6Al3jtXxkZlrY5/nLcBfc9oiQwwlM2Md6HtKUTG om31F7ggoliiKfFpoVJYLcD1GRV59hZM3paloLXVwhKIyt/quF6C+glnr6q5+n8H MogSsEb5jMSBwQiB7lNiM85AGu8wDc8PlwatGTWs42HtRYw5IfcfKejyWLST3zva Kv2qn7TmQiu5RUt/beBej35RVSxwn43bwAZ2qxRz2SM49vzfVlHfCOW4cK1QtRqc qZzQdqJBNK72MncRM/xqP4luhsTfYKggL7yN+yac5PSLOv4Q0OT/TBiybeYI+Hak JzzeDdjmwlsGuO1M98k3yfo8nbol7CgWsN/tk+AzZ1N5chDHGjbbSZlGNeGxX9hp eL748rgCsqoQR3awpYQgXlTx7scl4URd1kCs6m7Fl0jAylvsT11tiGSb/SeIzpW3 hiAHWFN7yt7CuNaR/O7LWq3lSMNDYxQEqcNZbJE1eUc6ZGoG0UxrfO8micbtosMJ 9PL5RPhXBLArF5M8/d3CgRYEADDqdGvwLP4krawO/VGelNlBvith1Nhk/3I19XLC +47o0LmRyJL3anEnnp3Qs+kvtzSmtcixXQpdlfVBP9FB+QbV/Xg= =xR9m -----END PGP SIGNATURE-----