USN-4966-2

See a problem?

Source

https://ubuntu.com/security/notices/USN-4966-2

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4966-2.json

JSON Data

https://api.osv.dev/v1/vulns/USN-4966-2

Related

Published

2021-05-25T19:02:59.011415Z

Modified

2021-05-25T19:02:59.011415Z

Summary

libx11 vulnerability

Details

USN-4966-1 fixed a vulnerability in libx11. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

It was discovered that libx11 incorrectly validated certain parameter lengths. A remote attacker could possibly use this issue to trick libx11 into emitting extra X protocol requests.

References

Affected packages

Ubuntu:Pro:14.04:LTS / libx11

Package

Name: libx11
Purl: pkg:deb/ubuntu/libx11@2:1.6.2-1ubuntu2.1+esm2?arch=src?distro=trusty/esm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.6.2-1ubuntu2.1+esm2

Affected versions

2:1.*

2:1.6.1-1ubuntu1

2:1.6.1-1ubuntu2

2:1.6.2-1ubuntu1

2:1.6.2-1ubuntu2

2:1.6.2-1ubuntu2.1

2:1.6.2-1ubuntu2.1+esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "libx11-6-udeb": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-6-dbg": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-xcb1-dbg": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-xcb-dev": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-xcb1": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-doc": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-6-udeb-dbgsym": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-xcb-dev-dbgsym": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-6-dbgsym": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-dev": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-xcb1-dbgsym": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-dev-dbgsym": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-6": "2:1.6.2-1ubuntu2.1+esm2",
            "libx11-data": "2:1.6.2-1ubuntu2.1+esm2"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / libx11

Package

Name: libx11
Purl: pkg:deb/ubuntu/libx11@2:1.6.3-1ubuntu2.2+esm1?arch=src?distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.6.3-1ubuntu2.2+esm1

Affected versions

2:1.*

2:1.6.3-1ubuntu2

2:1.6.3-1ubuntu2.1

2:1.6.3-1ubuntu2.2

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "libx11-6-udeb": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-6-dbg": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-xcb1-dbg": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-xcb-dev": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-xcb1": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-doc": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-6-udeb-dbgsym": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-xcb-dev-dbgsym": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-6-dbgsym": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-dev": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-xcb1-dbgsym": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-dev-dbgsym": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-6": "2:1.6.3-1ubuntu2.2+esm1",
            "libx11-data": "2:1.6.3-1ubuntu2.2+esm1"
        }
    ]
}