Release date:
2026-06-30 09:48:54 UTC
Description:
- CVE-2026-50256: increase XLFDMAXFONTNAMELEN to 1024 and bound-check resolved
font-alias names before copying into the pattern buffers, preventing a
stack overflow during alias resolution (bundled xorg-server)
- CVE-2026-50257, CVE-2026-50260: fix use-after-free when destroying sync
fences (miSyncDestroyFence) and counters (FreeCounter) whose trigger list
is shared across an Await group (bundled xorg-server)
- CVE-2026-50258: reject XKB key types whose numLevels exceeds
XkbMaxShiftLevel in CheckKeyTypes, preventing a stack overflow in
XkbKeyTypesForCoreSymbols (bundled xorg-server)
- CVE-2026-50259: clamp nMaps to the mapWidths buffer size in CheckKeyTypes
so an XkbSetMap resize request cannot overflow the stack buffer
(bundled xorg-server)
- CVE-2026-50261: restart trigger-list iteration in SyncChangeCounter after
a trigger fires, preventing a use-after-free of freed trigger nodes
(bundled xorg-server)
- CVE-2026-50262: enforce an exact request size in glx
ChangeDrawableAttributes, fixing a reversed length check that allowed an
out-of-bounds read/write (bundled xorg-server)
- CVE-2026-50263: re-fetch the screen-saver screen private after
CheckScreenPrivate in CreateSaverWindow, preventing a use-after-free
(bundled xorg-server)
Updated packages:
-
tigervnc-1.14.1-9.el9_6.tuxcare.els4.x86_64.rpm
sha:7a48ccd2fd9c712bfcc545a49fa126a53dd26d2f077298bea993bffcd90f67c4
-
tigervnc-icons-1.14.1-9.el9_6.tuxcare.els4.noarch.rpm
sha:c00cf8ebbd85d903edc30cdd8cee820d3544f2ba4c08346805c595b0b0c3d86b
-
tigervnc-license-1.14.1-9.el9_6.tuxcare.els4.noarch.rpm
sha:169114be3b7b707109efb9ff87ac1e749407f1563614b6c0f62209d1868507ef
-
tigervnc-selinux-1.14.1-9.el9_6.tuxcare.els4.noarch.rpm
sha:7190dbaba742870b0ffca985256753e377c06a8cebaf5be774bf2cf0790b8064
-
tigervnc-server-1.14.1-9.el9_6.tuxcare.els4.x86_64.rpm
sha:debdcb0435b47fc5dae480893ab0a50de22f7d4a6590b09f734f11aaa3181159
-
tigervnc-server-minimal-1.14.1-9.el9_6.tuxcare.els4.x86_64.rpm
sha:4443f5d705a2409ffb892f053960e65185cad54f0e4f1ab4beacb93c4960a700
-
tigervnc-server-module-1.14.1-9.el9_6.tuxcare.els4.x86_64.rpm
sha:d019f676a744fad22fed067f9a9ae92394a96de9ad0656559cd7f42ac1aa9020
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.