——————————————————————————–
Fedora Update Notification
FEDORA-2018-11ed8d95e2
2018-09-29 23:56:16.096133
——————————————————————————–

Name : libxkbcommon
Product : Fedora 27
Version : 0.8.2
Release : 1.fc27
URL : http://www.x.org
Summary : X.Org X11 XKB parsing library
Description :
libxkbcommon is the X.Org library for compiling XKB maps into formats usable by
the X Server or other display servers.

——————————————————————————–
Update Information:

libxkbcommon 0.8.2, CVE-2018-15853 through to 15864. These fix a number of
memory handling issues with xkbcommon. Together with the keymap FD handling in
various Wayland compositors (keymaps could be mapped rw and clients could thus
replace the content) libxkbcommon’s memory issues could serve as attack vector
to gain access to another client. The update to 0.8.2 is a lot easier and safer
than backporting all patches, given the number of other fixes not (yet?)
assigned a CVE.
——————————————————————————–
ChangeLog:

* Mon Aug 6 2018 Peter Hutterer <peter.hutterer@redhat.com> 0.8.2-1
– libxkbcommon 0.8.2
* Tue Jul 31 2018 Florian Weimer <fweimer@redhat.com> – 0.8.0-6
– Rebuild with fixed binutils
* Mon Jul 30 2018 Peter Hutterer <peter.hutterer@redhat.com> 0.8.0-5
– Fix invalid pointer passed to FreeStmt()
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> – 0.8.0-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 7 2018 Fedora Release Engineering <releng@fedoraproject.org> – 0.8.0-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Sat Feb 3 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> – 0.8.0-2
– Switch to %ldconfig_scriptlets
* Tue Dec 19 2017 Peter Hutterer <peter.hutterer@redhat.com> 0.8.0-1
– libxkbcommon 0.8.0
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-11ed8d95e2’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org