—–BEGIN PGP SIGNED MESSAGE—–
\nHash: SHA256<\/p>\n
=====================================================================
\nRed Hat Security Advisory<\/p>\n
Synopsis: Important: tigervnc security update
\nAdvisory ID: RHSA-2023:1549-01
\nProduct: Red Hat Enterprise Linux
\nAdvisory URL: https:\/\/access.redhat.com\/errata\/RHSA-2023:1549
\nIssue date: 2023-04-03
\nCVE Names: CVE-2023-1393
\n=====================================================================<\/p>\n
1. Summary:<\/p>\n
An update for tigervnc is now available for Red Hat Enterprise Linux 8.2
\nAdvanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications
\nUpdate Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP
\nSolutions.<\/p>\n
Red Hat Product Security has rated this update as having a security impact
\nof Important. A Common Vulnerability Scoring System (CVSS) base score,
\nwhich gives a detailed severity rating, is available for each vulnerability
\nfrom the CVE link(s) in the References section.<\/p>\n
2. Relevant releases\/architectures:<\/p>\n
Red Hat Enterprise Linux AppStream AUS (v. 8.2) – aarch64, noarch, ppc64le, s390x, x86_64
\nRed Hat Enterprise Linux AppStream E4S (v. 8.2) – aarch64, noarch, ppc64le, s390x, x86_64
\nRed Hat Enterprise Linux AppStream TUS (v. 8.2) – aarch64, noarch, ppc64le, s390x, x86_64<\/p>\n
3. Description:<\/p>\n
Virtual Network Computing (VNC) is a remote display system which allows
\nusers to view a computing desktop environment not only on the machine where
\nit is running, but from anywhere on the Internet and from a wide variety of
\nmachine architectures. TigerVNC is a suite of VNC servers and clients.<\/p>\n
Security Fix(es):<\/p>\n
* xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local
\nPrivilege Escalation Vulnerability (CVE-2023-1393)<\/p>\n
For more details about the security issue(s), including the impact, a CVSS
\nscore, acknowledgments, and other related information, refer to the CVE
\npage(s) listed in the References section.<\/p>\n
4. Solution:<\/p>\n
For details on how to apply this update, which includes the changes
\ndescribed in this advisory, refer to:<\/p>\n
https:\/\/access.redhat.com\/articles\/11258<\/p>\n
5. Bugs fixed (https:\/\/bugzilla.redhat.com\/):<\/p>\n
2180288 – CVE-2023-1393 xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability<\/p>\n
6. Package List:<\/p>\n
Red Hat Enterprise Linux AppStream AUS (v. 8.2):<\/p>\n
Source:
\ntigervnc-1.9.0-15.el8_2.3.src.rpm<\/p>\n
aarch64:
\ntigervnc-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-debuginfo-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-debugsource-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-debuginfo-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-minimal-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-module-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-module-debuginfo-1.9.0-15.el8_2.3.aarch64.rpm<\/p>\n
noarch:
\ntigervnc-icons-1.9.0-15.el8_2.3.noarch.rpm
\ntigervnc-license-1.9.0-15.el8_2.3.noarch.rpm
\ntigervnc-server-applet-1.9.0-15.el8_2.3.noarch.rpm<\/p>\n
ppc64le:
\ntigervnc-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-debuginfo-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-debugsource-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-debuginfo-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-minimal-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-module-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-module-debuginfo-1.9.0-15.el8_2.3.ppc64le.rpm<\/p>\n
s390x:
\ntigervnc-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-debuginfo-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-debugsource-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-server-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-server-debuginfo-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-server-minimal-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.3.s390x.rpm<\/p>\n
x86_64:
\ntigervnc-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-debuginfo-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-debugsource-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-debuginfo-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-minimal-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-module-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-module-debuginfo-1.9.0-15.el8_2.3.x86_64.rpm<\/p>\n
Red Hat Enterprise Linux AppStream E4S (v. 8.2):<\/p>\n
Source:
\ntigervnc-1.9.0-15.el8_2.3.src.rpm<\/p>\n
aarch64:
\ntigervnc-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-debuginfo-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-debugsource-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-debuginfo-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-minimal-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-module-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-module-debuginfo-1.9.0-15.el8_2.3.aarch64.rpm<\/p>\n
noarch:
\ntigervnc-icons-1.9.0-15.el8_2.3.noarch.rpm
\ntigervnc-license-1.9.0-15.el8_2.3.noarch.rpm
\ntigervnc-server-applet-1.9.0-15.el8_2.3.noarch.rpm<\/p>\n
ppc64le:
\ntigervnc-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-debuginfo-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-debugsource-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-debuginfo-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-minimal-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-module-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-module-debuginfo-1.9.0-15.el8_2.3.ppc64le.rpm<\/p>\n
s390x:
\ntigervnc-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-debuginfo-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-debugsource-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-server-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-server-debuginfo-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-server-minimal-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.3.s390x.rpm<\/p>\n
x86_64:
\ntigervnc-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-debuginfo-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-debugsource-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-debuginfo-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-minimal-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-module-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-module-debuginfo-1.9.0-15.el8_2.3.x86_64.rpm<\/p>\n
Red Hat Enterprise Linux AppStream TUS (v. 8.2):<\/p>\n
Source:
\ntigervnc-1.9.0-15.el8_2.3.src.rpm<\/p>\n
aarch64:
\ntigervnc-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-debuginfo-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-debugsource-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-debuginfo-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-minimal-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-module-1.9.0-15.el8_2.3.aarch64.rpm
\ntigervnc-server-module-debuginfo-1.9.0-15.el8_2.3.aarch64.rpm<\/p>\n
noarch:
\ntigervnc-icons-1.9.0-15.el8_2.3.noarch.rpm
\ntigervnc-license-1.9.0-15.el8_2.3.noarch.rpm
\ntigervnc-server-applet-1.9.0-15.el8_2.3.noarch.rpm<\/p>\n
ppc64le:
\ntigervnc-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-debuginfo-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-debugsource-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-debuginfo-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-minimal-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-module-1.9.0-15.el8_2.3.ppc64le.rpm
\ntigervnc-server-module-debuginfo-1.9.0-15.el8_2.3.ppc64le.rpm<\/p>\n
s390x:
\ntigervnc-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-debuginfo-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-debugsource-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-server-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-server-debuginfo-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-server-minimal-1.9.0-15.el8_2.3.s390x.rpm
\ntigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.3.s390x.rpm<\/p>\n
x86_64:
\ntigervnc-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-debuginfo-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-debugsource-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-debuginfo-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-minimal-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-module-1.9.0-15.el8_2.3.x86_64.rpm
\ntigervnc-server-module-debuginfo-1.9.0-15.el8_2.3.x86_64.rpm<\/p>\n
These packages are GPG signed by Red Hat for security. Our key and
\ndetails on how to verify the signature are available from
\nhttps:\/\/access.redhat.com\/security\/team\/key\/<\/p>\n
7. References:<\/p>\n
https:\/\/access.redhat.com\/security\/cve\/CVE-2023-1393
\nhttps:\/\/access.redhat.com\/security\/updates\/classification\/#important<\/p>\n
8. Contact:<\/p>\n
The Red Hat security contact is <secalert@redhat.com>. More contact
\ndetails at https:\/\/access.redhat.com\/security\/team\/contact\/<\/p>\n
Copyright 2023 Red Hat, Inc.
\n—–BEGIN PGP SIGNATURE—–
\nVersion: GnuPG v1<\/p>\n
iQIVAwUBZDE1l9zjgjWX9erEAQj8Fg\/\/diYgICEnqTMf1csN3bfDt+nKgiBXRzNO
\n\/8JZ8pkHelA+x35XpPrvABYiNfnqDd3GZqrKOhBpOME50LsOAy2FsoAu7YVZEpSe
\n7NwDzA302hATDoHAcUqMi5FV+RyYb8\/IY\/MkcUHSK6WbjMB\/DOQi9XxSeZYlIyau
\nnOUts4A2gb6Bilm2c2lxGOKWbgDidjpTvmV5QPg+IZ5675kVRvjXdKpOOZ0HCsv+
\n8IR0DdEmZK29611A\/+DebXUYbIvzFJBCjkKiDsy634LxZ8DyaUiUmsxZxFTWZmJT
\nxvxZiSM7PD1bEH+v1SZDk8GNIakqyJxd45S6\/EPf3d0uOpFGio\/7RJIv9HLU5PbG
\nuDk9WJdKS7G0Pdy3AV71EY28JW00xe8LlFvIDOlYOYmVNImzylWZcfgn2Lrmrk30
\nuFaWXx6chVsWD+j82b8isJsPR\/+PAhrv9cGR0iNUoE928eLr84cNI1oCkgG0EvE\/
\n7DIYuorMOu0RL0emENBlWxjDney9vo7ZbzqcOSREGfBbugGjrYIvKe8OMUvS4fCz
\nMKRmeg7jyqg7vlPg4EsrWRJ06F2EMcH\/WMqdWoE+FOiZaibih9QY4GoyhOLo938l
\nYwg32HbPRgAMvNEt0gV58xIVfu5Edh249+61F+F4ADLt8VKwoZGhbUyaAQoqUlU9
\nmZUEFPgIzvI=
\n=ApGa
\n—–END PGP SIGNATURE—–
\n—
\nRHSA-announce mailing list
\nRHSA-announce@redhat.com
\nhttps:\/\/listman.redhat.com\/mailman\/listinfo\/rhsa-announce<\/p>\n","protected":false},"excerpt":{"rendered":"
—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: tigervnc security update Advisory ID: RHSA-2023:1549-01 Product: Red Hat Enterprise Linux Advisory URL: https:\/\/access.redhat.com\/errata\/RHSA-2023:1549 Issue date: 2023-04-03 CVE Names: CVE-2023-1393 ===================================================================== 1. Summary: An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-40261","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/40261","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=40261"}],"version-history":[{"count":1,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/40261\/revisions"}],"predecessor-version":[{"id":40314,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/40261\/revisions\/40314"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=40261"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=40261"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=40261"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}