[SECURITY] [DSA 5517-1] libx11 security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5517-1] libx11 security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Thu, 5 Oct 2023 18:18:00 +0000
Message-id: <ZR792LUUTq2xRj/m@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5517-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 05, 2023                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libx11
CVE ID         : CVE-2023-43785 CVE-2023-43786 CVE-2023-43787

Multiple security vulnerabilities were discovered in libx11, the X11
client-side library, which may result in denial of service or the
execution of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed
in version 2:1.7.2-1+deb11u2.

For the stable distribution (bookworm), these problems have been fixed in
version 2:1.8.4-2+deb12u2.

We recommend that you upgrade your libx11 packages.

For the detailed security status of libx11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libx11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmUe/SEACgkQEMKTtsN8
TjYVyw//XICOLb5ZAfQBjWuhJvJkM7SN1pjd2Iulvqz2sNgAzSninvda2n6458BB
41fs6J5dIkCIGVWJ2/4hwBXuMMc4HO7KTTs+BW9WGBJOwd7ZpwTpvxe07M+kOPt2
iqebM5dd5QO+ifh6AHTZ3amPliKfCCUcItYN1aMpolB5N/LJBdMa8j/ebU11pu5T
GLreIskc+k4/lrJ/22Nr5SsGj0xTnXYrvBPcB6CX+aX7J1uWLyu6ZP5mBzmgjA+F
I9SH5XGzQ3l2F29tp/xJUg9lwYp7Ij+vpNP/DWLo+QC2F5Q6II0ZG9wlEA1KiYR9
l2rf7OVhtBWkaUZoVTyaSX+isj0i1BCZgyic84y/vlfVODuwAMY6K7ggZS9J+Hmd
YUvBLk8YTXFTfPZeQzglEw7U9Ia6fkV9dKeOHCrFlLelTz2umBmGfIT/WdOwSk5q
czheJsayd9VhcxOExDoqRmhOhdslI5R0p2VMcr5N5qLzPaPnvhTWw3XeirlfKu1+
SeMVGbdXF3+iWIbPtXuqOUBOmxu48HfZ/6/WyondTGN9qpTPdUgdYpHeVielziT8
WYo4q88zyaDMYIEj3Jpo+/9QHD+c60VBjumebW8F3Shat/Xq0qOWHWI4u3J5ZOXN
XJTfVGEGgtWxancMQeQxu4oejxyO8zAVbo47uDs3juuUw3kJ58Y=
=YNpi
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5516-1] libxpm security update
Next by Date: [SECURITY] [DSA 5518-1] libvpx security update
Previous by thread: [SECURITY] [DSA 5516-1] libxpm security update
Next by thread: [SECURITY] [DSA 5518-1] libvpx security update
Index(es):
- Date
- Thread