|
|
Subscribe / Log in / New account

openSUSE alert openSUSE-SU-2016:3059-1 (libXfixes)



From:
    	      opensuse-security@opensuse.org 


To:
    	      opensuse-updates@opensuse.org 


Subject:
    	      openSUSE-SU-2016:3059-1: moderate: Security update for libXfixes 


Date:
    	      Thu,  8 Dec 2016 18:08:54 +0100 (CET)


Message-ID:
    	      <20161208170854.0E730F7C8@maintenance.suse.de>


   openSUSE Security Update: Security update for libXfixes
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:3059-1
Rating:             moderate
References:         #1002995 
Cross-References:   CVE-2016-7944
Affected Products:
                    openSUSE 13.2
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:


   This update for libXfixes fixes a security issue:

   - insufficient validation of data from the X server could cause an integer
     overflow on 32 bit architectures (boo#1002995, CVE-2016-7944).


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 13.2:

      zypper in -t patch openSUSE-2016-1429=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 13.2 (i586 x86_64):

      libXfixes-debugsource-5.0.1-4.3.1
      libXfixes-devel-5.0.1-4.3.1
      libXfixes3-5.0.1-4.3.1
      libXfixes3-debuginfo-5.0.1-4.3.1

   - openSUSE 13.2 (x86_64):

      libXfixes-devel-32bit-5.0.1-4.3.1
      libXfixes3-32bit-5.0.1-4.3.1
      libXfixes3-debuginfo-32bit-5.0.1-4.3.1


References:

   https://www.suse.com/security/cve/CVE-2016-7944.html
   https://bugzilla.suse.com/1002995
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds