-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 11:01:59 +0200 Source: libx11 Binary: libx11-6 libx11-6-dbgsym libx11-6-udeb libx11-dev libx11-xcb-dev libx11-xcb1 libx11-xcb1-dbgsym Architecture: ppc64el Version: 2:1.7.2-1+deb11u2 Distribution: bullseye-security Urgency: medium Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) Changed-By: Julien Cristau Description: libx11-6 - X11 client-side library libx11-6-udeb - X11 client-side library (udeb) libx11-dev - X11 client-side library (development headers) libx11-xcb-dev - Xlib/XCB interface library (development headers) libx11-xcb1 - Xlib/XCB interface library Changes: libx11 (2:1.7.2-1+deb11u2) bullseye-security; urgency=medium . * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms() * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage() * CVE-2023-43787: integer overflow in XCreateImage() leading to a heap overflow * XPutImage: clip images to maximum height & width allowed by protocol * XCreatePixmap: trigger BadValue error for out-of-range dimensions Checksums-Sha1: bdfd8e5b1fdb35baf9caafea322182445c6c448b 1144668 libx11-6-dbgsym_1.7.2-1+deb11u2_ppc64el.deb 7f6bfa7016adaccdfc598adf74e060b3e3b1dc15 603036 libx11-6-udeb_1.7.2-1+deb11u2_ppc64el.udeb f361abc518e434b9ce8fd3dc1dbce56bdda81669 809428 libx11-6_1.7.2-1+deb11u2_ppc64el.deb 02cce86a0d47d55dae5198f7843d53193a286ab2 895008 libx11-dev_1.7.2-1+deb11u2_ppc64el.deb 7c956673d68be7792bd8628d33f4adfd0b101fe2 205768 libx11-xcb-dev_1.7.2-1+deb11u2_ppc64el.deb 5fc0e2767af643499a1a0efed751673e96b8a5b6 16872 libx11-xcb1-dbgsym_1.7.2-1+deb11u2_ppc64el.deb 11a5274a7f29e8a1d98864a785dc40464fb4a083 203664 libx11-xcb1_1.7.2-1+deb11u2_ppc64el.deb cc37e046f9658617d1282ab489404e92f7d514d1 8114 libx11_1.7.2-1+deb11u2_ppc64el-buildd.buildinfo Checksums-Sha256: caea883e83b90f065cb7a3907364903bd111e41c03b800d911b48b910cabc5d0 1144668 libx11-6-dbgsym_1.7.2-1+deb11u2_ppc64el.deb cda9109af1c403bbef20c97ef300fb407d5076635e8a5109ff1c29058bdb6997 603036 libx11-6-udeb_1.7.2-1+deb11u2_ppc64el.udeb 96762440f7d819db9dcc6f3513c552bbc4c4ed37564e5e83318f2e0875c943e0 809428 libx11-6_1.7.2-1+deb11u2_ppc64el.deb ac13ff977513cb52631dd45d6ba382730011bacad3d1a81c52d6c8309e5c76be 895008 libx11-dev_1.7.2-1+deb11u2_ppc64el.deb f0baf5ea34e92f3672023949cae2c2db786516c712930a63b1c6ed72c829879b 205768 libx11-xcb-dev_1.7.2-1+deb11u2_ppc64el.deb d486d3b6ce8fe549a29de7758f56364e6a1132cfcec64e951e72e911d25e0557 16872 libx11-xcb1-dbgsym_1.7.2-1+deb11u2_ppc64el.deb 9388319ad7ebaee88d360a1dce4b063e0c2058556bdfc095f8d64b369c2a5bfd 203664 libx11-xcb1_1.7.2-1+deb11u2_ppc64el.deb b9fced7fd0999edc73ea0f31063ce5108c8ad79a819b234bbb8173c98ef18137 8114 libx11_1.7.2-1+deb11u2_ppc64el-buildd.buildinfo Files: 06a92c79f8c78448eb4c4e0c32e43cb2 1144668 debug optional libx11-6-dbgsym_1.7.2-1+deb11u2_ppc64el.deb 694c5d8531211c809713061c9ac75e4c 603036 debian-installer optional libx11-6-udeb_1.7.2-1+deb11u2_ppc64el.udeb 389ebf2db5605352ceee5eff4aebe02b 809428 libs optional libx11-6_1.7.2-1+deb11u2_ppc64el.deb 41c5fd101facc764e11e06a7e3f57727 895008 libdevel optional libx11-dev_1.7.2-1+deb11u2_ppc64el.deb 478798cf4ea2b4752c62105c52a356e5 205768 libdevel optional libx11-xcb-dev_1.7.2-1+deb11u2_ppc64el.deb 3b0d66cde815326933b31dcf431e8079 16872 debug optional libx11-xcb1-dbgsym_1.7.2-1+deb11u2_ppc64el.deb 9d1098bc35cfe9ec98b3e2ee00541993 203664 libs optional libx11-xcb1_1.7.2-1+deb11u2_ppc64el.deb 2ef8bb81814065e19a58a03bcbeee383 8114 x11 optional libx11_1.7.2-1+deb11u2_ppc64el-buildd.buildinfo Package-Type: udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEHDNCkvGgp2XShfnByW8ECaj2byoFAmUb310ACgkQyW8ECaj2 byow3A//eGErm2uJqZQPrk46oz3vKQdaCHETU6ZLQFanH/JiDCXgP/Ql1VvTdg65 aQm+HIUfXpUxETHctAJPFa7VC8V3SH+IlDJwJq2KIDIHyuR6J+Sd+li/qdD32Z1A xY/6mf8JIQGX4lYhZdfSg3/UL0ofWfecZLbgIMa5dMzDWsvzwc9tjPwiYnKusH0M 2jH6gR8sjfpnL1BvOT6DBS+gCYrtHqQYT1oLgsH62VMyHh7NC/mKCcgsTYcuztxJ EyvwnHakcsLFHZcxUZHAEjA6YB5RmqpdAXjtVV0tgdDk6vvL6m6Ym/inQ8R3rGSU 1+rpbQfd/P+LbTpVlQrKlI5vI+vaog03vTcNpRvitH7PDaL7AmWGn23qdKNXw48n icVfE5Uwr1BZO1idZtmcLMIa0dnW7PEu2+kv72Le1f/DffACmuZ2PKfzsW1ooj9U V02NfwWr9K2HAkXYMXaY+8CUhSbxyGjRqyQGSED4FzT/hS/Gomn0fnPGUh3tfZGV sB5c5avgmuLEDWa0CabmSvw7iehj4WwRs4yavmMj+vxPLC+DLpEe1FHX9NlzGerX UDxXNdIbBRGssKzlFHXkwmYTO+CrpROce5HkGbHZLPARcPXA8jbjLWsJ/gR7u/Ea ZjhaG+cnIRSxNrOW8a42T+zc1ppL/Bc01xSA0Ky1zyarSQ+6Hhc= =PTGg -----END PGP SIGNATURE-----