Описание
Security update for xorg-x11-libs
This update for xorg-x11-libs fixes the following issues:
- insufficient validation of data from the X server can cause a one byte buffer read underrun (bsc#1003023, CVE-2016-7953)
- insufficient validation of data from the X server can cause out of boundary memory access or endless loops (Denial of Service) (bsc#1003012, CVE-2016-7951, CVE-2016-7952)
- insufficient validation of data from the X server can cause out of boundary memory writes (bsc#1003000, CVE-2016-7947, CVE-2016-7948)
- insufficient validation of data from the X server can cause out of boundary memory access or endless loops (Denial of Service). (bsc#1002998, CVE-2016-7945, CVE-2016-7946)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
Ссылки
- Link for SUSE-SU-2016:3189-1
- E-Mail link for SUSE-SU-2016:3189-1
- SUSE Security Ratings
- SUSE Bug 1002998
- SUSE Bug 1003000
- SUSE Bug 1003012
- SUSE Bug 1003023
- SUSE CVE CVE-2016-7945 page
- SUSE CVE CVE-2016-7946 page
- SUSE CVE CVE-2016-7947 page
- SUSE CVE CVE-2016-7948 page
- SUSE CVE CVE-2016-7951 page
- SUSE CVE CVE-2016-7952 page
- SUSE CVE CVE-2016-7953 page
Описание
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
Затронутые продукты
Ссылки
- CVE-2016-7945
- SUSE Bug 1002998
- SUSE Bug 1134167
- SUSE Bug 1159415
Описание
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
Затронутые продукты
Ссылки
- CVE-2016-7946
- SUSE Bug 1002998
- SUSE Bug 1134167
- SUSE Bug 1159415
Описание
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
Затронутые продукты
Ссылки
- CVE-2016-7947
- SUSE Bug 1003000
- SUSE Bug 1159415
Описание
X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.
Затронутые продукты
Ссылки
- CVE-2016-7948
- SUSE Bug 1003000
- SUSE Bug 1159415
Описание
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.
Затронутые продукты
Ссылки
- CVE-2016-7951
- SUSE Bug 1003012
- SUSE Bug 1159415
Описание
X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.
Затронутые продукты
Ссылки
- CVE-2016-7952
- SUSE Bug 1003012
- SUSE Bug 1159415
Описание
Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.
Затронутые продукты
Ссылки
- CVE-2016-7953
- SUSE Bug 1003023
- SUSE Bug 1159415