-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 11:01:59 +0200 Source: libx11 Binary: libx11-6 libx11-6-dbgsym libx11-6-udeb libx11-dev libx11-xcb-dev libx11-xcb1 libx11-xcb1-dbgsym Architecture: armhf Version: 2:1.7.2-1+deb11u2 Distribution: bullseye-security Urgency: medium Maintainer: arm Build Daemon (arm-ubc-05) Changed-By: Julien Cristau Description: libx11-6 - X11 client-side library libx11-6-udeb - X11 client-side library (udeb) libx11-dev - X11 client-side library (development headers) libx11-xcb-dev - Xlib/XCB interface library (development headers) libx11-xcb1 - Xlib/XCB interface library Changes: libx11 (2:1.7.2-1+deb11u2) bullseye-security; urgency=medium . * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms() * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage() * CVE-2023-43787: integer overflow in XCreateImage() leading to a heap overflow * XPutImage: clip images to maximum height & width allowed by protocol * XCreatePixmap: trigger BadValue error for out-of-range dimensions Checksums-Sha1: ab85692bdd9c50d33fb703ef01b2fd100c0368ec 1087924 libx11-6-dbgsym_1.7.2-1+deb11u2_armhf.deb 7a6fc7fc847def7bdcd4b8c6f8afe8001ea23ac5 503292 libx11-6-udeb_1.7.2-1+deb11u2_armhf.udeb 206994f0c069317579258b6a58b1ea32b0f2b3dd 713352 libx11-6_1.7.2-1+deb11u2_armhf.deb 79d3d649e3038ab3152b06049f177bb69bd4fc95 787292 libx11-dev_1.7.2-1+deb11u2_armhf.deb 36e81073f82fa53f3bd03f2b6eea329ae977c11b 205744 libx11-xcb-dev_1.7.2-1+deb11u2_armhf.deb a4066d7b722f13767a0c123edeae5f1155ada0ab 16976 libx11-xcb1-dbgsym_1.7.2-1+deb11u2_armhf.deb 570afd50aefab7d7c4a4aea3d95489af9c434be3 203472 libx11-xcb1_1.7.2-1+deb11u2_armhf.deb 2e90d92ece409a7d1deacd0fc2d4449ab6a4ed53 7967 libx11_1.7.2-1+deb11u2_armhf-buildd.buildinfo Checksums-Sha256: fafb8a017b8bee83bf4efcdadf62738f0ccfbea461ff133a96fdf100b044bc37 1087924 libx11-6-dbgsym_1.7.2-1+deb11u2_armhf.deb d64c2d9c8d51146b1265355c7a189c29735188f823480a91916378c44431218e 503292 libx11-6-udeb_1.7.2-1+deb11u2_armhf.udeb 0822c2e89b32832afd0b869202ff0eccb611e086a3b1054f2e2424c624228ca4 713352 libx11-6_1.7.2-1+deb11u2_armhf.deb 4bf859cb057adf53dbb0937169b2f7be79172b0c1ed1ab0cef02cf9a31f17e84 787292 libx11-dev_1.7.2-1+deb11u2_armhf.deb 680e63d996cd77f601e9d43af77bf94dd6a4f86641b4bbbd4228a4b43699789c 205744 libx11-xcb-dev_1.7.2-1+deb11u2_armhf.deb 5f7a27c46fca19f04e638f23cb720bfc9a8a51af6a0db58017f95a92e2a51fd6 16976 libx11-xcb1-dbgsym_1.7.2-1+deb11u2_armhf.deb b95134535d5e0b0afc64564beceae6d84b42a6b7656b02b62d8963a0aaa3a78c 203472 libx11-xcb1_1.7.2-1+deb11u2_armhf.deb 6ff19424502c58bd78693563746ceb48bda4e4502b72c6d6a4af2c43d59b1ca4 7967 libx11_1.7.2-1+deb11u2_armhf-buildd.buildinfo Files: 573b76f12c1b81af95986dd01d49b9db 1087924 debug optional libx11-6-dbgsym_1.7.2-1+deb11u2_armhf.deb 6785c06d2beb97a7a323118d7f0757d7 503292 debian-installer optional libx11-6-udeb_1.7.2-1+deb11u2_armhf.udeb 19816b4326043fb65f098fd53244fb4d 713352 libs optional libx11-6_1.7.2-1+deb11u2_armhf.deb 1edbd83c2ae0ba36c7214dbd688a3821 787292 libdevel optional libx11-dev_1.7.2-1+deb11u2_armhf.deb 41b8ee4fff7d7f3556a164b65ae96543 205744 libdevel optional libx11-xcb-dev_1.7.2-1+deb11u2_armhf.deb 37aee1d54fb3633402a7e36ac4f32470 16976 debug optional libx11-xcb1-dbgsym_1.7.2-1+deb11u2_armhf.deb 74e54c7ffe805650696abee6b8e949a7 203472 libs optional libx11-xcb1_1.7.2-1+deb11u2_armhf.deb 0b5eb831e2cbd049655d384b5afae53f 7967 x11 optional libx11_1.7.2-1+deb11u2_armhf-buildd.buildinfo Package-Type: udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEKGUG2wrbdK8nNLJy1gmokJM6hDEFAmUb4HUACgkQ1gmokJM6 hDG3KA/9HGhxd1G9FgddhQXEbjpEqX9iB6bqx702qSPoOo4XYlOHCcs1MhniRdO2 lOmE/fE4cIH0F2tyVYkxO/cvPz7m7Hjkv1WHZQvDRFmJkQIhsQEHbNN+fvmuahd/ MuHYaSp3AQzFyrOefjHe8OR3eq81j09TyGs36KfGyWHhiIKOs/+kMvCkDhuAi5di kYyDB5ZsJqtPc1EiJhYTP7jZ0GKelege5f4QJBbvOdC/SwwosTapMqB7CWRISlJI pxLcLfO/she1ENqpIKvfM8zJNSvIjjqqTtOUovVfkJ26YtaGZ2uWug+gE11raj3y Y8ccgKCSLFn5xOIPRq11M3wJRzdM2rc0b83mltpgGdFnnlZ9jxyH4GMNg8ViexhC 5vRiVe8UizwwuGl+zTZ1R5iPbeX7Ea5vD5FX/KW1tLTlm38ml0nA5b96pKXgiZ0A C2SxzAQIX+6TqD2Ty/KmhmZbRUgY2kgZUoENDm43RX/xUPAFjFbCP7WKEvSNVJzZ ECqmetibVZVzbam+cfyGk4dMu9E/huV9PWe9ECjRVH/70Ab/ECgLoaaslpokTzwd QpEZvU92zExWe2SkUDKyiyQDz2NkQcYy0j7TyWINfvp2TatLD3tOykBBQcuu1FqC SDOprQIoLKHHe3Iwf+eyH2oa9lLa8pWrChR/qoeJ8dy7B5fj5BA= =N6fz -----END PGP SIGNATURE-----