-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 10:52:32 +0200 Source: libx11 Binary: libx11-6 libx11-6-dbgsym libx11-6-udeb libx11-dev libx11-xcb-dev libx11-xcb1 libx11-xcb1-dbgsym Architecture: i386 Version: 2:1.8.4-2+deb12u2 Distribution: bookworm-security Urgency: high Maintainer: i386 Build Daemon (x86-grnet-01) Changed-By: Julien Cristau Description: libx11-6 - X11 client-side library libx11-6-udeb - X11 client-side library (udeb) libx11-dev - X11 client-side library (development headers) libx11-xcb-dev - Xlib/XCB interface library (development headers) libx11-xcb1 - Xlib/XCB interface library Changes: libx11 (2:1.8.4-2+deb12u2) bookworm-security; urgency=high . * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms() * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage() * CVE-2023-43787: integer overflow in XCreateImage() leading to a heap overflow * XPutImage: clip images to maximum height & width allowed by protocol * XCreatePixmap: trigger BadValue error for out-of-range dimensions Checksums-Sha1: 20ce9677a7bda6357d12ff01ca172a538ed9d0aa 984616 libx11-6-dbgsym_1.8.4-2+deb12u2_i386.deb 02a88dd3be5b80ba25c05ffbc85377224576914b 590088 libx11-6-udeb_1.8.4-2+deb12u2_i386.udeb e97b904c500d485334fa121d6307ec6a5a60b36f 782456 libx11-6_1.8.4-2+deb12u2_i386.deb 26e697babc81315ca09ba5126490152657c55f99 864196 libx11-dev_1.8.4-2+deb12u2_i386.deb e41b1b8a40c443e19b36141bc6f0c9ebd27de13e 194568 libx11-xcb-dev_1.8.4-2+deb12u2_i386.deb f21ec69da4e210ef9e81005bc6ae84c5c8bc336a 16820 libx11-xcb1-dbgsym_1.8.4-2+deb12u2_i386.deb b2497f49c65ec2562826a2ec463ec0f0264d702e 192380 libx11-xcb1_1.8.4-2+deb12u2_i386.deb 9e80d73793922c24f2c812a0c768769f36ba3084 7933 libx11_1.8.4-2+deb12u2_i386-buildd.buildinfo Checksums-Sha256: 77e97cec3882ac5ee1b49ab4cbb36d2b1f13c578989033d136f6fae5478b5644 984616 libx11-6-dbgsym_1.8.4-2+deb12u2_i386.deb f78365943949394c60d8842375644b330e9cd1151b61292ddc1bec2bf045e579 590088 libx11-6-udeb_1.8.4-2+deb12u2_i386.udeb df42dab90a6f0d064ba0aa9f0857056021b1d0c37c82ac495b83a953a5e52799 782456 libx11-6_1.8.4-2+deb12u2_i386.deb 5fe84796d56c36092a9df224d7f40e6ead7ae87085422beb05b6ae68e2b8fdab 864196 libx11-dev_1.8.4-2+deb12u2_i386.deb 680d23328f2cf08665aec5c10f77d318f2edab8373a56d84a20c2fe3a814d104 194568 libx11-xcb-dev_1.8.4-2+deb12u2_i386.deb 13e604be60d0b604ccef81807537877ce17935df203571a0a69b42b11c1796cd 16820 libx11-xcb1-dbgsym_1.8.4-2+deb12u2_i386.deb 4d96d62f7204767e68d936648c70e717f6d5915b03f74ee159140111dbd0062c 192380 libx11-xcb1_1.8.4-2+deb12u2_i386.deb 99a86102d660378dcc462e676259adacb349774b2721eb5a78d3ff8025736a02 7933 libx11_1.8.4-2+deb12u2_i386-buildd.buildinfo Files: 6acf5e678f36d9ff361a07af4442f2e5 984616 debug optional libx11-6-dbgsym_1.8.4-2+deb12u2_i386.deb 76bdf1baed3658de58fcc67ee6f6fdc5 590088 debian-installer optional libx11-6-udeb_1.8.4-2+deb12u2_i386.udeb 72455ae65e8e58df3611947b8ff62f2d 782456 libs optional libx11-6_1.8.4-2+deb12u2_i386.deb 36e01c31a33a5aa90cfd58004b8601b2 864196 libdevel optional libx11-dev_1.8.4-2+deb12u2_i386.deb c400832512f41478df4f3bb564cef58a 194568 libdevel optional libx11-xcb-dev_1.8.4-2+deb12u2_i386.deb a0d138b9c4ddf316183a8a667b86e506 16820 debug optional libx11-xcb1-dbgsym_1.8.4-2+deb12u2_i386.deb 3ed8963a77e02e6ba2754e0d7bb919ae 192380 libs optional libx11-xcb1_1.8.4-2+deb12u2_i386.deb 5b97f5190a9fd371582635b3e6ec569f 7933 x11 optional libx11_1.8.4-2+deb12u2_i386-buildd.buildinfo Package-Type: udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7bJOCbihllHz5a8G6bGbnoZY/NwFAmUb2soACgkQ6bGbnoZY /NyEDg/+OHzp77baNnYAdipwWMpEq4tSR4LvgxJGnInq7tMXIAHtzVifPOmOc4ip Gz6tsDhhm56aOdeMp5dtFYw7yVRhWEejn+x0Lx7rL2Lr+6Ljei+nD9ShisEAZYXy qSlkQUnbOFVHdpqhJtcuFpwpVGMHY1dqQhymPFi4SUwb7lRAxC1n4SV2OT5GKwg7 Y7DHR8xfO0YOoNaSrx1VP1mXVTXMqdSkA8h3Y2X3/cymaY4ihWRio4m34IMz0VFr 609ebgC43TBOTxHfbaXZvNH7KkZAa+mStFFDD7yWsgVMKTfkxIkc9ncnu8FSFT2F PFy5lhxqSCA8pcDgHef8jPGEkwvxYCO8YxZsddE8s8shp5LmVuicHQZUuoOQHg/l NmD9CozaKndWM3JQ6lnd08HduVriBkn/n/BwWSvt0mFLWvwisiSd/wHVZFUl+/Wn /Di2hvwiCavtnvZSHsSDy2WE4t3zZ50Q1vlqtmYzLoBO9EQZefw3xfEvC7P466VY avcJvuspQBsdesCwMqt9REjorOx92kGA4uytG3xUFle5VwazuA/AW6yt90T+ddBi sooamdEmEcZXehoxaLXRBXJx0Tuct7jvZwl9eUd1VOHMTYd4xV8tzNZJuITpn+5u R0mHLGi3R2SHDZ6cZdkyGY4JYXBijMFtf+UMwbcpPRDdG1VCs5k= =chKH -----END PGP SIGNATURE-----