|
|
|
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] tigervnc (SSA:2026-108-01)
Date: Sat, 18 Apr 2026 17:12:43 -0700 (PDT) |
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] tigervnc (SSA:2026-108-01)
New tigervnc packages are available for Slackware 15.0 and -current to
fix security issues.
Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
extra/tigervnc/tigervnc-1.16.2-i586-2_slack15.0.txz: Rebuilt.
Rebuilt against xorg-server-1.20.14 patched to fix security issues:
XKB Integer Underflow in XkbSetCompatMap().
XKB Out-of-bounds Read in CheckSetGeom().
XSYNC Use-after-free in miSyncTriggerFence().
XKB Out-of-bounds read in CheckModifierMap().
XKB Buffer overflow in CheckKeyTypes().
For more information, see:
https://lists.x.org/archives/xorg-devel/2026-April/059446.html
https://www.cve.org/CVERecord?id=CVE-2026-33999
https://www.cve.org/CVERecord?id=CVE-2026-34000
https://www.cve.org/CVERecord?id=CVE-2026-34001
https://www.cve.org/CVERecord?id=CVE-2026-34002
https://www.cve.org/CVERecord?id=CVE-2026-34003
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/extra/tigervnc/tigervnc-1.16.2-i586-2_slack15.0.txz
Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/extra/tigervnc/tigervnc-1.16.2-x86_64-2_slack15.0.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/extra/tigervnc/tigervnc-1.16.2-i686-2.txz
Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/extra/tigervnc/tigervnc-1.16.2-x86_64-2.txz
MD5 signatures:
+-------------+
Slackware 15.0 package:
8b2682a2a5b5f53c0010e376c92684f2 tigervnc-1.16.2-i586-2_slack15.0.txz
Slackware x86_64 15.0 package:
11f21182cad730ef64c9f5275074cde2 tigervnc-1.16.2-x86_64-2_slack15.0.txz
Slackware -current package:
697027c266f16e99170e0fbc258a1e48 tigervnc-1.16.2-i686-2.txz
Slackware x86_64 -current package:
15118c571f7e0543397923b8fccb2205 tigervnc-1.16.2-x86_64-2.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg tigervnc-1.16.2-i586-2_slack15.0.txz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
iHkEARECADkWIQTsVknaQB4iq/pnNu9qRGPAQBAiMwUCaeQcohsUgAAAAAAEAA5t
YW51MiwyLjUrMS4xMiwyLDIACgkQakRjwEAQIjONhwCdFSrzhiny8pITh1CisPLd
wg9qNwQAoIzT6kVxxGv4sE2YzT+1kvpdznrV
=288q
-----END PGP SIGNATURE-----
|
|
|
