Release date:
2026-05-05 17:49:38 UTC
Description:
- CVE-2026-33999: fix buffer re-use in xkb _XkbSetCompatMap that miscounted
valid entries and could cause buffer overflow on subsequent SetCompatMap
requests (bundled xorg-server)
- CVE-2026-34001: fix use-after-free in miext/sync miSyncTriggerFence by
retaining a ref on the SyncFence across the trigger callback
(bundled xorg-server)
- CVE-2026-34003: add bound checking in xkb CheckKeyTypes() to prevent
reading past the request data on a crafted SetMap request
(bundled xorg-server)
Updated packages:
-
tigervnc-1.14.1-9.el9_6.tuxcare.els2.x86_64.rpm
sha:ba6137fc29e68e014f242d14580d5371d5da6384cc4e907f839cfb7dcb2f48dc
-
tigervnc-icons-1.14.1-9.el9_6.tuxcare.els2.noarch.rpm
sha:3a6b88efc9666ff5175890c00979426b7d6973fb80df7248981a7418cb82c5e9
-
tigervnc-license-1.14.1-9.el9_6.tuxcare.els2.noarch.rpm
sha:11fbe16185d261517720f42bb78aea4b41d025eb9d9d12d9dedd1e99d643f152
-
tigervnc-selinux-1.14.1-9.el9_6.tuxcare.els2.noarch.rpm
sha:c4dba1d246058c21ac03947de2692c550df502496d5044a8d277f92bfbe93ed6
-
tigervnc-server-1.14.1-9.el9_6.tuxcare.els2.x86_64.rpm
sha:d35aaa5081c0b718774be9875634c140ddffb693ac94d362147e1358b01fa58d
-
tigervnc-server-minimal-1.14.1-9.el9_6.tuxcare.els2.x86_64.rpm
sha:bf9f6cadac8212d69cf4bf6c72ac4a0fab32435a2f08e052cd7f4242b47f21d8
-
tigervnc-server-module-1.14.1-9.el9_6.tuxcare.els2.x86_64.rpm
sha:0f6fddfe373a227bab4448704e8bb36f3f592afc98df8de66c6c72ce37b71564
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
