-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 10:52:32 +0200 Source: libx11 Binary: libx11-6 libx11-6-dbgsym libx11-6-udeb libx11-dev libx11-xcb-dev libx11-xcb1 libx11-xcb1-dbgsym Architecture: armel Version: 2:1.8.4-2+deb12u2 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-ubc-06) Changed-By: Julien Cristau Description: libx11-6 - X11 client-side library libx11-6-udeb - X11 client-side library (udeb) libx11-dev - X11 client-side library (development headers) libx11-xcb-dev - Xlib/XCB interface library (development headers) libx11-xcb1 - Xlib/XCB interface library Changes: libx11 (2:1.8.4-2+deb12u2) bookworm-security; urgency=high . * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms() * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage() * CVE-2023-43787: integer overflow in XCreateImage() leading to a heap overflow * XPutImage: clip images to maximum height & width allowed by protocol * XCreatePixmap: trigger BadValue error for out-of-range dimensions Checksums-Sha1: 2ad6a2f76e16a771a005ea3ed46f83e055841958 1096620 libx11-6-dbgsym_1.8.4-2+deb12u2_armel.deb 7e0f5fc607240fd9ed0a80d85555b5c052a12a04 506620 libx11-6-udeb_1.8.4-2+deb12u2_armel.udeb dd2464f1f4086652bc01069007b44f8fa8f69c3d 697224 libx11-6_1.8.4-2+deb12u2_armel.deb bf0ced6a36eb9bffa184d6610afc5f5dc2cb7a63 775408 libx11-dev_1.8.4-2+deb12u2_armel.deb 328a4936a759cf310457a2e84bc4b65fab760d49 194560 libx11-xcb-dev_1.8.4-2+deb12u2_armel.deb c922f98b2a54806f66416ef369a8eee41ebb8ae6 16952 libx11-xcb1-dbgsym_1.8.4-2+deb12u2_armel.deb 280f923b2c149560b31079fea1f559c714aaed1b 192304 libx11-xcb1_1.8.4-2+deb12u2_armel.deb c175e037dad9e9dbdf33a8260d83aef530920f51 7868 libx11_1.8.4-2+deb12u2_armel-buildd.buildinfo Checksums-Sha256: 0e987aa051b4137079ed1e40de1b152b6a52699fb901f8fde3d1e357e6648e5d 1096620 libx11-6-dbgsym_1.8.4-2+deb12u2_armel.deb b62e6082235d8b111192e394e811319e5c87b5cff5729b9048c340b108d46f1e 506620 libx11-6-udeb_1.8.4-2+deb12u2_armel.udeb a09925794f0dc4f8b4cac87352e7926eb81c988e7ef6022dab12bff65e91ef87 697224 libx11-6_1.8.4-2+deb12u2_armel.deb ba22e4b4b6e8417c2435fd506604ac1ae5c48947d252ae34b0b927f77c648c07 775408 libx11-dev_1.8.4-2+deb12u2_armel.deb 6c732d294fb470eb11df51de95c92007354272efe685ad230321c861d01f5d66 194560 libx11-xcb-dev_1.8.4-2+deb12u2_armel.deb a35566ea1ae9eb33709c1498155fcf58e7e01ee582024fffbd81fe410e563573 16952 libx11-xcb1-dbgsym_1.8.4-2+deb12u2_armel.deb 254be317012f12d5f0cdef76b845459be1798902f5d9f678a15fe38a29050e90 192304 libx11-xcb1_1.8.4-2+deb12u2_armel.deb 94367448305bc82461dbbb46ec6a3d4505179c2b7ebd278c20e0d85070312513 7868 libx11_1.8.4-2+deb12u2_armel-buildd.buildinfo Files: 19b8d24d0ea61805732f15d13e61b893 1096620 debug optional libx11-6-dbgsym_1.8.4-2+deb12u2_armel.deb d4ae81a3c0f513f5bb04e823daac6fc6 506620 debian-installer optional libx11-6-udeb_1.8.4-2+deb12u2_armel.udeb 7b02e63ff8f72036c80aa628abf020a6 697224 libs optional libx11-6_1.8.4-2+deb12u2_armel.deb 0336932d2819bc0a0db3f9bbacab7dcb 775408 libdevel optional libx11-dev_1.8.4-2+deb12u2_armel.deb 971852d6fea93c975e96357831f22556 194560 libdevel optional libx11-xcb-dev_1.8.4-2+deb12u2_armel.deb 0f585be14c5362086efff01c2398f266 16952 debug optional libx11-xcb1-dbgsym_1.8.4-2+deb12u2_armel.deb 0dc7702e3ec4788d679b288e775d0219 192304 libs optional libx11-xcb1_1.8.4-2+deb12u2_armel.deb 65e5da0f6424d5deb7704d6234c8ccfe 7868 x11 optional libx11_1.8.4-2+deb12u2_armel-buildd.buildinfo Package-Type: udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEdkvJoTVAIZVYaO9cyYck2apzqqMFAmUb24EACgkQyYck2apz qqPYnxAAgEgxxjSZSvx01BH0lYG7IteJnY9IwXQ2kq7ISEOnl/DXfQFfJi1/96aB 8RFKIxRN9dTIOBifcSc6OqnZ3NwlKkreT5nhMZ6mMxcmbDxvJGv1giPjqLfqVzWe zCad1rfB5plxXzW6uHbMvYz985kQqxSU4mD/JQHW6am2rxcsE3Vvzgji99bKXgCa 3kGMZQ7rgTbni9kLcU9vQqsr612d3jVBfcOMLfUP5HaOSIpxDiZxDcDoj8LA3bmA wNdP3FQVCwvDE3G5DHy/NT4LJyq6Wws4kKgZ4o6psYPNIihjzF4qb5KxXYd6MvJq M1oEO3UoElHx2Uq8+V9mQFIAjEzHlUnnnJi0za+mWDVo/G2nyk03CYIsqLB7+IsL o5W9i1S9rQqKyEC068MaEwJVoPW1nZnoO5aIbsv1+Fa8TJjK4PvSvhRvohoLC/KH yARmu/Ou0Mr5zi1JDuU/zGEmSTquAtcotdwXo7IjLsgLXvBdN6biVwXGvCA1Uu3L BA9tw/WBYwg0ag5jUE3a/wP6UdLKPnWPMjRlIybTWOzJ9mzS+n5OZmw4l/7NCF/p suMGtfpD0RTb2p1ENP+DU3OL+kInoHTPOgcEJUmFLcejYO9aTMPYFJ5eA6vTXOpF gYZgi+WGmjliQ3oJ0BhZZKOwzaUE/92qtpssJ6OWimnG2XH7/wk= =SDMM -----END PGP SIGNATURE-----