-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 11:01:59 +0200 Source: libx11 Binary: libx11-6 libx11-6-dbgsym libx11-6-udeb libx11-dev libx11-xcb-dev libx11-xcb1 libx11-xcb1-dbgsym Architecture: arm64 Version: 2:1.7.2-1+deb11u2 Distribution: bullseye-security Urgency: medium Maintainer: arm Build Daemon (arm-ubc-03) Changed-By: Julien Cristau Description: libx11-6 - X11 client-side library libx11-6-udeb - X11 client-side library (udeb) libx11-dev - X11 client-side library (development headers) libx11-xcb-dev - Xlib/XCB interface library (development headers) libx11-xcb1 - Xlib/XCB interface library Changes: libx11 (2:1.7.2-1+deb11u2) bullseye-security; urgency=medium . * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms() * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage() * CVE-2023-43787: integer overflow in XCreateImage() leading to a heap overflow * XPutImage: clip images to maximum height & width allowed by protocol * XCreatePixmap: trigger BadValue error for out-of-range dimensions Checksums-Sha1: e7f189676522ca3f271a4caeef062859df69db95 1111568 libx11-6-dbgsym_1.7.2-1+deb11u2_arm64.deb 394d56b37e3d4197e39d96770ad697a59b5fcc0f 545276 libx11-6-udeb_1.7.2-1+deb11u2_arm64.udeb 587ef0d322874c2e071543b6bc37fae03327503d 743576 libx11-6_1.7.2-1+deb11u2_arm64.deb 29d0a166c963792e544fac2a0a98a65890cd1b81 831332 libx11-dev_1.7.2-1+deb11u2_arm64.deb 55f568233bf4fc6b0aef48dc4003eee7582704e8 205784 libx11-xcb-dev_1.7.2-1+deb11u2_arm64.deb 099ea9e03dec1a2226da107159f32ee84d9c06f9 16968 libx11-xcb1-dbgsym_1.7.2-1+deb11u2_arm64.deb 14c09a7583f99fabd3be576e6350c11ec30c8bb1 203520 libx11-xcb1_1.7.2-1+deb11u2_arm64.deb c484d33d395bcb3c494da0667864cfb3d152af1a 8036 libx11_1.7.2-1+deb11u2_arm64-buildd.buildinfo Checksums-Sha256: 392462667604748b88f09b3c2ac48801f08b8242e7b92676c92d748600f35f85 1111568 libx11-6-dbgsym_1.7.2-1+deb11u2_arm64.deb d5bbebc39cd908778c76a8cb8a652c957f18adb8d3af495d517fb8aba1ab97e5 545276 libx11-6-udeb_1.7.2-1+deb11u2_arm64.udeb 1ddb1a4d3dbdaeac8fd8d0009a27e6453b15d97362fdd1d3efb1d5f577364f30 743576 libx11-6_1.7.2-1+deb11u2_arm64.deb daab6b6a6de5aa8aea8ec61ac89a25b86812e20292aa891bb0d9481c5d3ae310 831332 libx11-dev_1.7.2-1+deb11u2_arm64.deb 749c3768525113a3b665a6b14775d4472d635a9ec47d55b8b14acffa002a9174 205784 libx11-xcb-dev_1.7.2-1+deb11u2_arm64.deb 9b76a15daf0f374616528f608459bc5075b88c1bdfc49bc19a5e2aeab41db796 16968 libx11-xcb1-dbgsym_1.7.2-1+deb11u2_arm64.deb b1ec49c5d32288c295ac1b4b1ad4a3ab711a2926303c709972daf4271492d092 203520 libx11-xcb1_1.7.2-1+deb11u2_arm64.deb 923e709cf93ad621b4fb1766d5ca62872e529a467eab1f4be12ee06e7676a9f6 8036 libx11_1.7.2-1+deb11u2_arm64-buildd.buildinfo Files: 3e3e3f82fa9e4776a358fd3b3c317e99 1111568 debug optional libx11-6-dbgsym_1.7.2-1+deb11u2_arm64.deb 863ec552ea2d88ba9f9ef43b11105242 545276 debian-installer optional libx11-6-udeb_1.7.2-1+deb11u2_arm64.udeb 1a6a569bfbad634039052d2683d2be37 743576 libs optional libx11-6_1.7.2-1+deb11u2_arm64.deb 39a964422a67fbaee4f0699253c66b54 831332 libdevel optional libx11-dev_1.7.2-1+deb11u2_arm64.deb fcf925821d6281ecfdebdecac2f955ff 205784 libdevel optional libx11-xcb-dev_1.7.2-1+deb11u2_arm64.deb 790f4589892228c06b335fcf6461bf32 16968 debug optional libx11-xcb1-dbgsym_1.7.2-1+deb11u2_arm64.deb bed9683c1ffc6c69ce473e8064d10e9c 203520 libs optional libx11-xcb1_1.7.2-1+deb11u2_arm64.deb b45e41d74631efa70a8d369c7226fd60 8036 x11 optional libx11_1.7.2-1+deb11u2_arm64-buildd.buildinfo Package-Type: udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEV2QMHg/7F9BmqsxiZLztDiV8cXAFAmUb4HsACgkQZLztDiV8 cXDKlxAAk1XQaz7BJBMCHgIuDQ8h4AXFSa5eVWrT4s4nXYWQWIx4MihyiQ+Pu/ZS /RIOXWrZ8k0x2AvrjVwUNtjA6w+gTL8ppCsBf+SHsdl0wPPW/+E82m+mcAMoNgSM 2DbE2xZR4pxWqaz4dGCwtYZ0+Y8XTt1FSqSFeygPrz5cu04l47q6AJrG85wMhgrX 5WKWkHxk8CShxwuqrtb9s1nAbtcOJ86WZs2u9ZXoVlWMByPyzthUZEiGQmS+B2Ed wL7DB4ocA3FG3Mlp+o/PIHNe2kgnEYLA49CrbQUJHkk2YU2uNKyve24fWwp3Gbbf Gxnokx0a5Yq51UcZ1jQuSpD4jFiXuZhcBdOBkKLw9fUXGRbaSSjafaoahBqpkiwb YBAwKCtHzxLJXWgVCPxg50FIO5YLOBIXcq1TirRjEJ2S9OwWmVt+o5q6Kyo7/k4M +XeQnrBn98X7IZiki05/BXwlig2dm34rLTKMT1Po3pH6I90hko+3YRpRkrKhE8et XQLz+ZIZ53bS5xZmtBYXD3SYTM+ovCwLQIjrTy4ECWP7NwG61VnF3a0pfKubaJyG jmqgUb6Ow40DITpIMlPbf2e0VuwZQZei3FToMZd1PJTussAK1hWOVxYNFlB3894h TZRKmCL1D5DflIkYEhRHMx+q/RvqAxD5xgfLI2IosHydwPju3oA= =dtr9 -----END PGP SIGNATURE-----