Advisories ยป MGASA-2020-0334

Updated libx11 packages fix security vulnerability

Publication date: 18 Aug 2020
Modification date: 18 Aug 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-14344

Description

The X Input Method (XIM) client implementation in libX11 has some integer
overflows and signed/unsigned comparison issues that can lead to heap
corruption when handling malformed messages from an input method
(CVE-2020-14344).

The libx11 package has been updated to version 1.6.10 which fixes this issue.

The x11-proto-devel package has been updated to remove the
"/usr/include/X11/extensions/XKBgeom.h" header file which has been moved to
the libx11-devel package.
                

References

SRPMS

7/core