[CLSA-2026:1779497454] tigervnc: Fix of CVE-2026-34000
Type:
security
Severity:
Critical
Release date:
2026-05-23 00:50:58 UTC
Description:
- CVE-2026-34000: widen bounds check in _CheckSetGeom() to cover both key alias names (2 * XkbKeyNameLength) and prevent out-of-bounds read of uninitialized memory in XkbAddGeomKeyAlias() (bundled xorg-server)
Updated packages:
  • tigervnc-1.14.1-9.el9_6.tuxcare.els3.x86_64.rpm
    sha:c24ffc9dd34704d9f0b6efe3174e51294a446badf2242569b74c9522e730f87a
  • tigervnc-icons-1.14.1-9.el9_6.tuxcare.els3.noarch.rpm
    sha:dcdb537840aa789d89e303258258317a6a91a7fe5cea72078e5b171a636e9a7b
  • tigervnc-license-1.14.1-9.el9_6.tuxcare.els3.noarch.rpm
    sha:8a7d3abd52eb1f839daed22d67e2520d643a8dad37e0a8083d365e624e83aa16
  • tigervnc-selinux-1.14.1-9.el9_6.tuxcare.els3.noarch.rpm
    sha:723cb8cc44316b1bdd5306f3cee727e05e65d1f31870670a6269332ecf932a07
  • tigervnc-server-1.14.1-9.el9_6.tuxcare.els3.x86_64.rpm
    sha:1e5ba407d83a6007532e308f35259a797d8c2b9b6d6bbfd4be1317eab45855d4
  • tigervnc-server-minimal-1.14.1-9.el9_6.tuxcare.els3.x86_64.rpm
    sha:502212b70bc8019e87b3794636f94649e3e34944d87ef555f3c26de4b41deaeb
  • tigervnc-server-module-1.14.1-9.el9_6.tuxcare.els3.x86_64.rpm
    sha:58aa3d6808ba799d44e446f25510a16add1bffe30a42fea40263f28a4e912392
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.