Описание
Security update for libX11
This update for libX11 fixes the following issues:
- CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead to buffer overflows in XkbChangeTypesOfKey() (bsc#1237431).
Список пакетов
Container bci/openjdk-devel:17
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
Container bci/openjdk-devel:latest
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
Container bci/openjdk:17
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
Container bci/openjdk:latest
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
Container containers/apache-tomcat:10.1-openjdk11
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
Container containers/apache-tomcat:10.1-openjdk17
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
Container containers/apache-tomcat:10.1-openjdk21
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
Container containers/apache-tomcat:9-openjdk11
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
Container containers/apache-tomcat:9-openjdk17
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
Container containers/apache-tomcat:9-openjdk21
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
Container containers/apache-tomcat:9-openjdk8
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
Container containers/open-webui:0
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
libX11-xcb1-1.8.7-150600.3.3.1
Container suse/nginx:latest
libX11-6-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP6
libX11-6-1.8.7-150600.3.3.1
libX11-6-32bit-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
libX11-devel-1.8.7-150600.3.3.1
libX11-xcb1-1.8.7-150600.3.3.1
libX11-xcb1-32bit-1.8.7-150600.3.3.1
openSUSE Leap 15.6
libX11-6-1.8.7-150600.3.3.1
libX11-6-32bit-1.8.7-150600.3.3.1
libX11-data-1.8.7-150600.3.3.1
libX11-devel-1.8.7-150600.3.3.1
libX11-devel-32bit-1.8.7-150600.3.3.1
libX11-xcb1-1.8.7-150600.3.3.1
libX11-xcb1-32bit-1.8.7-150600.3.3.1
Ссылки
- Link for SUSE-SU-2025:0739-1
- E-Mail link for SUSE-SU-2025:0739-1
- SUSE Security Ratings
- SUSE Bug 1237431
- SUSE CVE CVE-2025-26597 page
Описание
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size.
Затронутые продукты
Container bci/openjdk-devel:17:libX11-6-1.8.7-150600.3.3.1
Container bci/openjdk-devel:17:libX11-data-1.8.7-150600.3.3.1
Container bci/openjdk-devel:latest:libX11-6-1.8.7-150600.3.3.1
Container bci/openjdk-devel:latest:libX11-data-1.8.7-150600.3.3.1
Ссылки
- CVE-2025-26597
- SUSE Bug 1237431