LibX11 1.6.12 Released Due To Latest Security Advisory

Written by Michael Larabel in X.Org on 25 August 2020 at 11:40 AM EDT. Add A Comment
X.ORG
Not even one month passed since the previous libX11 security vulnerabilities were made public while today a new security advisory was issued along with releasing version 1.6.12 of this key X11 library.

The X.Org code-base is known for being riddled with security issues in its aging and massive code-base. Security researchers have found many bugs in recent years while fortunately today's disclosure isn't too bad.

CVE-2020-14363 is an integer overflow leading to a double free vulnerability in the way that libX11 is handling locales that was discovered by Jayden Rivers.

The fix is simple and both in libX11 Git and the newly-released 1.6.12. The libX11 1.6.12 release also has just four other fixes as well but that is all considering the short time since the prior release.
Add A Comment
Related News
xcompmgr 1.1.10 Released For Classic "Eye Candy" Compositor On X.Org
Local Privilege Escalation Vulnerability Affecting X.Org Server For 18 Years
It's Taken Until 2024 To Add FreeBSD To X.Org Continuous Integration Testing
libX11 1.8.10 Brings Memory Safety Fixes
X.Org Testing Ground Expands Its Scope To Illumos/OpenIndiana
X.Org Server Patches Look To Cleanup VRR Handling, Make It Xinerama-Aware
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features
NTSYNC Linux Patches Revived To Help Boost Steam Play Gaming Performance
Rust-Based, Memory-Safe PNG Decoders "Vastly Outperform" C-Based PNG Libraries