RLSA-2025:9305

Опубликовано: 29 июл. 2025

Источник: rocky

Оценка: Important

Описание

Important: xorg-x11-server and xorg-x11-server-Xwayland security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

Security Fix(es):

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors (CVE-2025-49175)
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension (CVE-2025-49176)
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore (CVE-2025-49178)
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension (CVE-2025-49179)
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension (CVE-2025-49180)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 8

Наименование	Архитектура	Релиз	RPM
xorg-x11-server-common	x86_64	26.el8_10	xorg-x11-server-common-1.20.11-26.el8_10.x86_64.rpm
xorg-x11-server-Xdmx	x86_64	26.el8_10	xorg-x11-server-Xdmx-1.20.11-26.el8_10.x86_64.rpm
xorg-x11-server-Xephyr	x86_64	26.el8_10	xorg-x11-server-Xephyr-1.20.11-26.el8_10.x86_64.rpm
xorg-x11-server-Xnest	x86_64	26.el8_10	xorg-x11-server-Xnest-1.20.11-26.el8_10.x86_64.rpm
xorg-x11-server-Xorg	x86_64	26.el8_10	xorg-x11-server-Xorg-1.20.11-26.el8_10.x86_64.rpm
xorg-x11-server-Xvfb	x86_64	26.el8_10	xorg-x11-server-Xvfb-1.20.11-26.el8_10.x86_64.rpm
xorg-x11-server-Xwayland	x86_64	18.el8_10	xorg-x11-server-Xwayland-21.1.3-18.el8_10.x86_64.rpm