[CLSA-2026:1782986813] tigervnc: Fix of CVE-2026-50262
Type:
security
Severity:
Moderate
Release date:
2026-07-02 10:07:10 UTC
Description:
- CVE-2026-50262: fix reversed request-length check in GLX __glXDisp_ChangeDrawableAttributes (and swapped variant) by reverting the mesa size-check workaround and restoring REQUEST_FIXED_SIZE / REQUEST_SIZE_MATCH in the bundled xserver GLX handlers (out-of-bounds read)
CVEs fixed:
Updated packages:
  • tigervnc-1.12.0-13.el9_2.tuxcare.els26.x86_64.rpm
    sha:9be0541af2dd9327a0de6613ff280f2713e733b2f2e410d97a994858eb88161f
  • tigervnc-icons-1.12.0-13.el9_2.tuxcare.els26.noarch.rpm
    sha:8a84a653982fad910b897e2a69153fb693fca7a8bf1a294ac384e29ac5075298
  • tigervnc-license-1.12.0-13.el9_2.tuxcare.els26.noarch.rpm
    sha:37be6fd0d68f77e03e616a8f66acd92ea62cd837b5e782a6957d21c88001b398
  • tigervnc-selinux-1.12.0-13.el9_2.tuxcare.els26.noarch.rpm
    sha:42f77a62fb0e04a16089974074322aa6180d6b353f56b12c27423942f0be2529
  • tigervnc-server-1.12.0-13.el9_2.tuxcare.els26.x86_64.rpm
    sha:e9b696d8ffca4efc46339e84defad7f661ba9b7213d424f047bd8515de496676
  • tigervnc-server-minimal-1.12.0-13.el9_2.tuxcare.els26.x86_64.rpm
    sha:19faed51aafd985d055529c2926c89d2fea9e0e1670758aa328cb73bc9545a7e
  • tigervnc-server-module-1.12.0-13.el9_2.tuxcare.els26.x86_64.rpm
    sha:bafa01f50f1219480c5a75f4c0a4c2208a85e4c5d547e38729c11841f51470ff
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.