-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 10:52:32 +0200 Source: libx11 Binary: libx11-6 libx11-6-dbgsym libx11-6-udeb libx11-dev libx11-xcb-dev libx11-xcb1 libx11-xcb1-dbgsym Architecture: s390x Version: 2:1.8.4-2+deb12u2 Distribution: bookworm-security Urgency: high Maintainer: s390x Build Daemon (zani) Changed-By: Julien Cristau Description: libx11-6 - X11 client-side library libx11-6-udeb - X11 client-side library (udeb) libx11-dev - X11 client-side library (development headers) libx11-xcb-dev - Xlib/XCB interface library (development headers) libx11-xcb1 - Xlib/XCB interface library Changes: libx11 (2:1.8.4-2+deb12u2) bookworm-security; urgency=high . * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms() * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage() * CVE-2023-43787: integer overflow in XCreateImage() leading to a heap overflow * XPutImage: clip images to maximum height & width allowed by protocol * XCreatePixmap: trigger BadValue error for out-of-range dimensions Checksums-Sha1: 9438947656253d12b27160ab758db7f24c59283c 1103020 libx11-6-dbgsym_1.8.4-2+deb12u2_s390x.deb 14a43e81f9bed7fa56957495a8d204d53ce4342b 539800 libx11-6-udeb_1.8.4-2+deb12u2_s390x.udeb 3334de9f9b8276c0d7107ec6f5d875522b31c38c 729516 libx11-6_1.8.4-2+deb12u2_s390x.deb 1258573a2cf3637ed7ea2a52fa970e6e5e099cf1 799924 libx11-dev_1.8.4-2+deb12u2_s390x.deb 93827b7c32ed08fa8f41d70dca1d25c8af9d28c8 194584 libx11-xcb-dev_1.8.4-2+deb12u2_s390x.deb a0fee867c2dc05089da2aa48aac0791a9e85b700 16608 libx11-xcb1-dbgsym_1.8.4-2+deb12u2_s390x.deb da015b59bb68c43ed0cd6e3fb0cf3ea0d559218c 192320 libx11-xcb1_1.8.4-2+deb12u2_s390x.deb edcba6e0d56c4668ed5074249131c6dce3dd4967 7906 libx11_1.8.4-2+deb12u2_s390x-buildd.buildinfo Checksums-Sha256: 1f4e82264f00a4666fef7738fda245cdd7fb8e135f7ad7f58bd7afb3a25e3e43 1103020 libx11-6-dbgsym_1.8.4-2+deb12u2_s390x.deb 377824733811fbba56502c38c6f9447b5089e4ff60839f6e7898ad3b85676dbb 539800 libx11-6-udeb_1.8.4-2+deb12u2_s390x.udeb 166584672f5669b5a97894d06140dfd2b93efcf93c0f164ac738357c240dc8b9 729516 libx11-6_1.8.4-2+deb12u2_s390x.deb 8fb40aaea370c34a5afedffaee8e22ddeb0251e3c7ec79b88d9e5bcc79ace3a6 799924 libx11-dev_1.8.4-2+deb12u2_s390x.deb 3c62e5323c9936de11191414b6eae9c7e146c3fb29d702eccce5edc72be36924 194584 libx11-xcb-dev_1.8.4-2+deb12u2_s390x.deb 11798b4c57062c780e469ea1e2ee619d5c8fe6d44fa8680d1d20b06aabc70874 16608 libx11-xcb1-dbgsym_1.8.4-2+deb12u2_s390x.deb 76c438a1e2d12ccac2371a640ff4a11be538567c8fa34a2429f18ff50d09b74c 192320 libx11-xcb1_1.8.4-2+deb12u2_s390x.deb 40066a5011814892290b251fb35a3a89945ea3e914d218c42d05780c627b28e2 7906 libx11_1.8.4-2+deb12u2_s390x-buildd.buildinfo Files: 45dcad54856f7dc37382f4316d70848a 1103020 debug optional libx11-6-dbgsym_1.8.4-2+deb12u2_s390x.deb 50a80d56aa64b7075ff153d15859444c 539800 debian-installer optional libx11-6-udeb_1.8.4-2+deb12u2_s390x.udeb 2fb3e11edf0940f6b43978eb2bf44af6 729516 libs optional libx11-6_1.8.4-2+deb12u2_s390x.deb 8d84c3c2373a3e078e612aaf1c498f19 799924 libdevel optional libx11-dev_1.8.4-2+deb12u2_s390x.deb d858590ca5d316f3fd322fbf9452dd79 194584 libdevel optional libx11-xcb-dev_1.8.4-2+deb12u2_s390x.deb 9b2520627c31c081994da1be9b628532 16608 debug optional libx11-xcb1-dbgsym_1.8.4-2+deb12u2_s390x.deb 2968892220314b2f4044a414eb6237fe 192320 libs optional libx11-xcb1_1.8.4-2+deb12u2_s390x.deb c0a2107006d294b2f5d03c6546438d79 7906 x11 optional libx11_1.8.4-2+deb12u2_s390x-buildd.buildinfo Package-Type: udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEETdQgQHyJW2hcXsTC6b+AMjGgQHgFAmUb2ngACgkQ6b+AMjGg QHjeDhAAqaVZup/gfAljSDhf08Mw971sAX5CzcjwWP+mEg51J4DFmlIcnFQeeepH UdXPO78FSIYDYDH9H77R2fMcRje3FgpKacT9zA3tjXstqgiCWH8Bf4M6doltu0GT gNs6ChatgJC2ZN6wBSZ0d4R/6hIjQLjT8DuJVD7XgoktGtV3vd+j2fne1qaA8czg eulFxdFVr/Gh+G75BJbooYSRg4lwWaOjpt7IpKzW4pTrkyt9Goc2pKYxV4pFEkiM +X+Ci5DPhG1ekwS6WmwEqRawLz8q43wxWYlwH/0pH60+hURtvi0WZrzcLD799Fkm kV+eu1gJyyRZ/3I5bY+RgVncSFY3lOPDYtRvkp6y+lC/nI43cNtOkcjBlLmWtNZp TjHQzmxHuuuqLMRiTKaWZiWzPU6mF8MnaKkW+6coXMZzXUatiqmHNqmvau8rzPlo 9/NicBWLBOYkHUmK03xEm6ggs9h89ZHF/hbigoqhqLqMgs+JyFwjtmxcVNlCGuZ1 pmf347wO0Cr/UL/i1TwN+Kls8yG7Nl27py0IKqdmEdp/bF43yIJ9bzwCfGbcNT1U bh/hBFSbuHMZro2xvsmRJP/9HBYFSvkgHaFXBwRGoY9eIRoKtU+znTIoKBRxIqW2 Fo0k9Su1VohD0uTUYSCgTwtctddjkMHCWtPN0EdxMzkWc+fkXCc= =n1Uq -----END PGP SIGNATURE-----