-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 11:01:59 +0200 Source: libx11 Binary: libx11-6 libx11-6-dbgsym libx11-6-udeb libx11-dev libx11-xcb-dev libx11-xcb1 libx11-xcb1-dbgsym Architecture: i386 Version: 2:1.7.2-1+deb11u2 Distribution: bullseye-security Urgency: medium Maintainer: i386 Build Daemon (x86-grnet-01) Changed-By: Julien Cristau Description: libx11-6 - X11 client-side library libx11-6-udeb - X11 client-side library (udeb) libx11-dev - X11 client-side library (development headers) libx11-xcb-dev - Xlib/XCB interface library (development headers) libx11-xcb1 - Xlib/XCB interface library Changes: libx11 (2:1.7.2-1+deb11u2) bullseye-security; urgency=medium . * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms() * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage() * CVE-2023-43787: integer overflow in XCreateImage() leading to a heap overflow * XPutImage: clip images to maximum height & width allowed by protocol * XCreatePixmap: trigger BadValue error for out-of-range dimensions Checksums-Sha1: 3d4d12e4644c19435976a7715f3ea817cc0a4502 954892 libx11-6-dbgsym_1.7.2-1+deb11u2_i386.deb 9ce7509e0b85eb74c070be98b3001f680f7c55a3 591192 libx11-6-udeb_1.7.2-1+deb11u2_i386.udeb 4a9786f96caedbb1adf3ed593de36952409c6567 796508 libx11-6_1.7.2-1+deb11u2_i386.deb 87b86502b4fcfe4a23b04cd7e3b23cf31d7debaf 874196 libx11-dev_1.7.2-1+deb11u2_i386.deb 89401dba47d9474fa728b115093414580a60ae0d 205756 libx11-xcb-dev_1.7.2-1+deb11u2_i386.deb f23f1ee772465710d58332fffc072273a217c295 16820 libx11-xcb1-dbgsym_1.7.2-1+deb11u2_i386.deb 583d1c83f20215d05842b4a4334d1c95e06d6e5e 203528 libx11-xcb1_1.7.2-1+deb11u2_i386.deb 2a069b07d656ecb5fc98c41e34e02cba84287237 8003 libx11_1.7.2-1+deb11u2_i386-buildd.buildinfo Checksums-Sha256: 433725908a3b3c59418bb5d9853fc57db94d2b89d53c934c57eca402cd86f901 954892 libx11-6-dbgsym_1.7.2-1+deb11u2_i386.deb f15af62ba2528025d8a19bdd597f7ec82fa9fba09b180188569d08d9c24f899f 591192 libx11-6-udeb_1.7.2-1+deb11u2_i386.udeb a0307da50139370781beac6fe6d3b173493af11d0a35c43c053c539d5d67969c 796508 libx11-6_1.7.2-1+deb11u2_i386.deb 6674c5517140f65addb055b2fcbab42e83c299555ecf516daf40758f938cf2d0 874196 libx11-dev_1.7.2-1+deb11u2_i386.deb 5f0041da4e00a1854830584a2a4530ad33e0971cdc084cd35cf37e1fd426f740 205756 libx11-xcb-dev_1.7.2-1+deb11u2_i386.deb d37e025b6a053095e40bbb864256aa77606ed00c3402e1fed605bb170de1f362 16820 libx11-xcb1-dbgsym_1.7.2-1+deb11u2_i386.deb ca0c8838ebc4b0e6e5e6191dd6dc8519bdd560574afcc745ae6dae9cf79f2e29 203528 libx11-xcb1_1.7.2-1+deb11u2_i386.deb 0fb76d231bb32f3b260712c62bab20e04ca8eb70aff57fb87a90f408883500f4 8003 libx11_1.7.2-1+deb11u2_i386-buildd.buildinfo Files: 0973fb6522f7e979c43d063fc703d297 954892 debug optional libx11-6-dbgsym_1.7.2-1+deb11u2_i386.deb 1bfb67d27e57b81f003b5ab39ff71154 591192 debian-installer optional libx11-6-udeb_1.7.2-1+deb11u2_i386.udeb f69d686944cc9be0825e5b3b80cbb5a5 796508 libs optional libx11-6_1.7.2-1+deb11u2_i386.deb f89e77e872f4f699f8129b99d5af937e 874196 libdevel optional libx11-dev_1.7.2-1+deb11u2_i386.deb 803f903c266fb2ae23eae8e5d1937990 205756 libdevel optional libx11-xcb-dev_1.7.2-1+deb11u2_i386.deb 99a71fd0acd44bba33cf1b9dd0dbb379 16820 debug optional libx11-xcb1-dbgsym_1.7.2-1+deb11u2_i386.deb 4b6b36b96091c4e8d3b693a1f1e2fa16 203528 libs optional libx11-xcb1_1.7.2-1+deb11u2_i386.deb 930eed7668b29e84f65d266fca57a40e 8003 x11 optional libx11_1.7.2-1+deb11u2_i386-buildd.buildinfo Package-Type: udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7bJOCbihllHz5a8G6bGbnoZY/NwFAmUb3zwACgkQ6bGbnoZY /NwQqg/+OrsWgrlY2L1utbwrKQmER7EF7/eljGY2hYYsbsAN7J/BvmF5w8pTh37u tvCZdLipiPjVrHNzpL6MGEMhWA0oSbTkFNc9YN9bqZQGKRnVhz7CdJko7C6PaNxx c+RQZeFEJp+4TimLhZjHuwyAfpYR1gqbEvryMQZgXsl+vE0Mlvehz4B08IXqLfOS JxHpxUHFAUyjOP2veoCClzpkwtT1QEgR55yKzcYYDG2dgrS7NVP30dVFZ24Az/TP IMHXv6/vCXDz5EbD7XCDC5Np6FAE54qEEh4xRIoq53SrUhhbtwqZkh7cgmvsvt3R 1pd2cyDnOwI0xmxCpP9DqjkZpnUleOiOW2fvAaW6SqbBvPs2fYW4q7dZJ5QdbYGo muvhpxF6RFt8Ft6rfjIudfTdTm/Bk/tzIoS+hmN3/UyXGS9xn34AbE1/F3CzLuoZ gpL0OlOMKpEhj7/b6/a2q2ZBD/2cDiqJtNUhOl4++gXujs2s8bxWO02GtL809UMR Up2IsnhnPOeWMGkUfRKjvbGibw6fONaTDsMzxiK4DQo37SeSToRHnRVm9YkqXxod KDVV+qf/AhQlrH789EjD0vxUdchZhMFpsE88U5YSGdV4Fc5SeK6bcULboBk/Lj5F 06rNDlS0G804AbuCuJ1zcMJXMQ3H4jgD216jjht7tIY54gnsntM= =njX9 -----END PGP SIGNATURE-----