-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 11:01:59 +0200 Source: libx11 Binary: libx11-6 libx11-6-dbgsym libx11-6-udeb libx11-dev libx11-xcb-dev libx11-xcb1 libx11-xcb1-dbgsym Architecture: armel Version: 2:1.7.2-1+deb11u2 Distribution: bullseye-security Urgency: medium Maintainer: arm Build Daemon (arm-ubc-06) Changed-By: Julien Cristau Description: libx11-6 - X11 client-side library libx11-6-udeb - X11 client-side library (udeb) libx11-dev - X11 client-side library (development headers) libx11-xcb-dev - Xlib/XCB interface library (development headers) libx11-xcb1 - Xlib/XCB interface library Changes: libx11 (2:1.7.2-1+deb11u2) bullseye-security; urgency=medium . * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms() * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage() * CVE-2023-43787: integer overflow in XCreateImage() leading to a heap overflow * XPutImage: clip images to maximum height & width allowed by protocol * XCreatePixmap: trigger BadValue error for out-of-range dimensions Checksums-Sha1: bdd6e74e24af3201762cb04d2d6e80c28e34b26b 1064148 libx11-6-dbgsym_1.7.2-1+deb11u2_armel.deb a29ff58c85763c6bcb9cea06fc5678ef7e96bb98 506108 libx11-6-udeb_1.7.2-1+deb11u2_armel.udeb 35b9d345100838bac847323ea82a915d0c7fe0db 709620 libx11-6_1.7.2-1+deb11u2_armel.deb 14863ad17c1180ed38c7286b4d8c29e055762089 786212 libx11-dev_1.7.2-1+deb11u2_armel.deb 767ef5dd11e792b0f6e0f4bc58a3e27756228502 205744 libx11-xcb-dev_1.7.2-1+deb11u2_armel.deb e4a8c4d183aaa360da5048894d834d81e6893178 16980 libx11-xcb1-dbgsym_1.7.2-1+deb11u2_armel.deb 0ba4e4461742c16b8e1549e2ee3334f8b2951b07 203480 libx11-xcb1_1.7.2-1+deb11u2_armel.deb ba98335b0384cc010440f4d9ff170205fe1efe9f 7965 libx11_1.7.2-1+deb11u2_armel-buildd.buildinfo Checksums-Sha256: 0b4f2708b13b021839c594535245794afc5cddb453eba25f68211cddeb89a0ae 1064148 libx11-6-dbgsym_1.7.2-1+deb11u2_armel.deb b54fb0042b46127b52e85d3179d38a4eeeb70733d6624cb5ce9c25e057180588 506108 libx11-6-udeb_1.7.2-1+deb11u2_armel.udeb 5f8fc577941739ff48452abeadd367243c47b0788384926cddf7bbf73e7e95f6 709620 libx11-6_1.7.2-1+deb11u2_armel.deb e8f7e214ae8652d14009183676e635dc612a2ecb0e66b0a3e610be597ca8485e 786212 libx11-dev_1.7.2-1+deb11u2_armel.deb 8353cc86584dfe55c68b039e8f212e8b5cf1b047cd5a14f9fdec83f1c66af494 205744 libx11-xcb-dev_1.7.2-1+deb11u2_armel.deb d094a64e7ae79066a46ed08f03b0e62be93e4be0c647b880d706eb67ae65523c 16980 libx11-xcb1-dbgsym_1.7.2-1+deb11u2_armel.deb 2df3d27ed1457918ba5ae12517f7be1b6a914732242931f1e8f7c64792576c55 203480 libx11-xcb1_1.7.2-1+deb11u2_armel.deb 5c1a1329cab4c12c9c5cf9063ffe881180e64715a0b44b9d547b46486aa6587c 7965 libx11_1.7.2-1+deb11u2_armel-buildd.buildinfo Files: eb132f457a22b7cd202d997f34a5d01a 1064148 debug optional libx11-6-dbgsym_1.7.2-1+deb11u2_armel.deb 13fa6e8089e2122c8bf15e933e1566ae 506108 debian-installer optional libx11-6-udeb_1.7.2-1+deb11u2_armel.udeb 53b19dddf4cc18e7677af60ca28d9818 709620 libs optional libx11-6_1.7.2-1+deb11u2_armel.deb 5618f87914ee7bee74daa65cfebd8f5d 786212 libdevel optional libx11-dev_1.7.2-1+deb11u2_armel.deb 5e4a92668f3d29a356428ba8f3d2ea8e 205744 libdevel optional libx11-xcb-dev_1.7.2-1+deb11u2_armel.deb 72e51da106b840bd39de9cd78b6a8240 16980 debug optional libx11-xcb1-dbgsym_1.7.2-1+deb11u2_armel.deb af7838a25919548ce1d13b9569415958 203480 libs optional libx11-xcb1_1.7.2-1+deb11u2_armel.deb 2ddf6c8aa61d641df54d41328987460f 7965 x11 optional libx11_1.7.2-1+deb11u2_armel-buildd.buildinfo Package-Type: udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEdkvJoTVAIZVYaO9cyYck2apzqqMFAmUb4IEACgkQyYck2apz qqNlfxAA7spLveegyxLE84Y1ImpSQVpSYFCRKw7SSuekLggb3HLEERtpzQJypbqv 5ArYPgoc2Vgc45wsmQe80OFrMWrzP/OYr7BEVSwpOSu6mBk3wDpQUO52WTEl5usj 3mWa0jS/XzsSyVEeAgTe8QJULSlzDciNEI2NplQy4XvHmeAccDbf7a4mqOZl2+l+ uFuRxFA2Oyw2EaelXaiCKQqS/JqL8dCYXXRS++oKyIz8Yor1sqHOE6XgRxUah2Ro QYl+VBod0r6qbv/tDDhXDV7iG1hP84Z86EGhrxYsEOnk5ij9DyMn3UwD0FLfk/Qj 7DCpsxkQcHaBEH5LbjlHtA+1ZD4ZE2GVsATrABCxKdlBVHAqCcCKwstO0ybNOooO FO1ga4Pvkq61uw/nBl4hZinnkQ0y7E+VdHR0fVaWoYBwCGAc1/2I5G6t0CrW5Ftz KnUexWzrqoDr3pI9Hvwd02f1MyNC4cljkQsHlyEcOzimjfZ1uHgfju0A1wvXh0cn ol2uk1/7xnkVeDPEI4GPJcS5naIUN6pl0Kp40eIMRjC0fJLIrV3sFePIvW+bodSV 0fUB4LgCZP7Z+WmaKlopb1fAaySgJXLmJlVYpm5OJqWuFxEoq34HkSBbrJNZraNd CZmebi6d3u1bRo6PK96zQ6dFDQWrQX0XaIIlNoe1QSBKs+XkBIY= =dSKP -----END PGP SIGNATURE-----