Fix CVE-2025-49175: xorg-x11-server: Out-of-Bounds Read in X Rendering Extension Animated Cursors

Resolves: RHEL-97284

Fix CVE-2025-49176: xorg-x11-server: Integer Overflow in Big Requests Extension
Resolves: RHEL-97303

Fix CVE-2025-49178: xorg-x11-server: Unprocessed Client Request Due to Bytes to Ignore
Resolves: RHEL-97379

Fix CVE-2025-49179: xorg-x11-server: Integer overflow in X Record extension
Resolves: RHEL-97414

Fix CVE-2025-49180: xorg-x11-server: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension
Resolves: RHEL-97429
This commit is contained in:
Jan Grulich 2025-06-23 11:48:59 +02:00
parent cd2b821cf7
commit 8e02c2f3a3

View File

@ -5,7 +5,7 @@
Name: tigervnc
Version: 1.15.0
Release: 4%{?dist}
Release: 5%{?dist}
Summary: A TigerVNC remote display system
%global _hardened_build 1
@ -398,6 +398,22 @@ fi
%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
%changelog
* Mon Jun 23 2025 Jan Grulich <jgrulich@redhat.com> - 1.15.0-5
- Fix CVE-2025-49175: xorg-x11-server: Out-of-Bounds Read in X Rendering Extension Animated Cursors
Resolves: RHEL-97284
- Fix CVE-2025-49176: xorg-x11-server: Integer Overflow in Big Requests Extension
Resolves: RHEL-97303
- Fix CVE-2025-49178: xorg-x11-server: Unprocessed Client Request Due to Bytes to Ignore
Resolves: RHEL-97379
- Fix CVE-2025-49179: xorg-x11-server: Integer overflow in X Record extension
Resolves: RHEL-97414
- Fix CVE-2025-49180: xorg-x11-server: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension
Resolves: RHEL-97429
* Tue May 27 2025 Jan Grulich <jgrulich@redhat.com> - 1.15.0-4
- Fix broken authentication with x0vncserver
Resolves: RHEL-93573