[CLSA-2026:1782904895] tigervnc: Fix of 6 CVEs
Type:
security
Severity:
Important
Release date:
2026-07-01 11:21:57 UTC
Description:
- CVE-2026-50256: fix stack overflow in font alias resolution by widening XLFDMAXFONTNAMELEN to match libXfont2 MAXFONTNAMELEN (bundled Xvnc xserver) - CVE-2026-50257: fix use-after-free of sync fences in miSyncDestroyFence - CVE-2026-50258: fix stack overflow in XKB CheckKeyTypes - CVE-2026-50259: fix stack overflow in XKB _XkbSetMapChecks key-type check - CVE-2026-50260: fix use-after-free of sync counters in FreeCounter - CVE-2026-50261: fix use-after-free in SyncChangeCounter - patches backported into the bundled xserver 21.1.3 tree, reused from the xorg-x11-server-Xwayland sibling change
Updated packages:
  • tigervnc-1.12.0-13.el9_2.tuxcare.els25.x86_64.rpm
    sha:433a8b7624d667668c55d04e3932d66ce098eb8f12228868ee6e264d2ffaa25e
  • tigervnc-icons-1.12.0-13.el9_2.tuxcare.els25.noarch.rpm
    sha:300ad3dfff7f186d9d451f314944a964115f26d65baa7a0091a45841647a80c9
  • tigervnc-license-1.12.0-13.el9_2.tuxcare.els25.noarch.rpm
    sha:d46108ba49ffc05b010318c9fd9090e57a2b5f1ac861fb6abe61a0cfba385c2d
  • tigervnc-selinux-1.12.0-13.el9_2.tuxcare.els25.noarch.rpm
    sha:00853487a721dd572cf29740af3a53bbc2e6f0afc2e7e84d8c5904696a184e9c
  • tigervnc-server-1.12.0-13.el9_2.tuxcare.els25.x86_64.rpm
    sha:3a46c995c10075bba91942b7f32c8edc35cdd4f941a46a018612e75062a69dab
  • tigervnc-server-minimal-1.12.0-13.el9_2.tuxcare.els25.x86_64.rpm
    sha:f3b11cbd708b464a3dfc4a90b7acd75fbdeb2dfcd5d38150001556568835cc88
  • tigervnc-server-module-1.12.0-13.el9_2.tuxcare.els25.x86_64.rpm
    sha:05412a5a4f1db241423cac164beaa08850ea71211ea9261adfb84fa6c1335b18
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.