Updated libx11 packages fix a security vulnerability
Publication date: 23 May 2021Type: security
Affected Mageia releases : 7 , 8
CVE: CVE-2021-31535
Description
XLookupColor() and other X libraries function lack proper validation of the length of their string parameters. If those parameters can be controlled by an external application (for instance a color name that can be emitted via a terminal control sequence) it can lead to the emission of extra X protocol requests to the X server (CVE-2021-31535).
References
SRPMS
7/core
- libx11-1.6.12-1.1.mga7
8/core
- libx11-1.7.0-1.1.mga8