ELA-980-1 libxpm security update

Debian 9942 Published by

A libxpm security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address several vulnerabilities.



ELA-980-1 libxpm security update

Package : libxpm
Version : 1:3.5.12-0+deb8u3 (jessie), 1:3.5.12-1+deb9u2 (stretch)

Related CVEs :
CVE-2023-43786
CVE-2023-43787
CVE-2023-43788
CVE-2023-43789

Several vulnerabilities were found in libXpm, the X Pixmap (XPM) image
library.

CVE-2023-43786
Yair Mizrahi discovered an infinite recursion issue when parsing
crafted XPM files, which would result in denial of service.

CVE-2023-43787
Yair Mizrahi discovered a buffer overflow vulnerability in libX11
when parsing crafted XPM files, which could result in denial of
service or potentially the execution of arbitrary code.

CVE-2023-43788
Alan Coopersmith found an out of bounds read in
XpmCreateXpmImageFromBuffer, which could result in denial of
service when parsing crafted XPM files.

CVE-2023-43789
Alan Coopersmith discovered an out of bounds read issue when
parsing corrupted colormaps, which could lead to denial of
service when parsing crafted XPM files.

ELA-980-1 libxpm security update


USN-6419-1: jQuery UI vulnerabilities

DSA 5518-1: libvpx security update

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...