Amazon Linux 2023 Security Advisory: ALAS-2025-861
Advisory Release Date: 2025-02-12 22:57 Pacific
Advisory Updated Date: 2025-02-21 13:45 Pacific
Severity:
Medium
Issue Overview:
libglxproto.c in OpenGL libglvnd bb06db5a was discovered to contain a segmentation violation via the function glXGetDrawableScreen(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server. (CVE-2023-45924)
Affected Packages:
libglvnd
Issue Correction:
Run dnf update libglvnd --releasever 2023.6.20250218 to update your system.
New Packages:
aarch64:
libglvnd-gles-debuginfo-1.7.0-4.amzn2023.0.2.aarch64
libglvnd-glx-1.7.0-4.amzn2023.0.2.aarch64
libglvnd-debugsource-1.7.0-4.amzn2023.0.2.aarch64
libglvnd-glx-debuginfo-1.7.0-4.amzn2023.0.2.aarch64
libglvnd-1.7.0-4.amzn2023.0.2.aarch64
libglvnd-egl-debuginfo-1.7.0-4.amzn2023.0.2.aarch64
libglvnd-debuginfo-1.7.0-4.amzn2023.0.2.aarch64
libglvnd-opengl-1.7.0-4.amzn2023.0.2.aarch64
libglvnd-egl-1.7.0-4.amzn2023.0.2.aarch64
libglvnd-core-devel-1.7.0-4.amzn2023.0.2.aarch64
libglvnd-devel-1.7.0-4.amzn2023.0.2.aarch64
libglvnd-gles-1.7.0-4.amzn2023.0.2.aarch64
libglvnd-opengl-debuginfo-1.7.0-4.amzn2023.0.2.aarch64
src:
libglvnd-1.7.0-4.amzn2023.0.2.src
x86_64:
libglvnd-debugsource-1.7.0-4.amzn2023.0.2.x86_64
libglvnd-gles-debuginfo-1.7.0-4.amzn2023.0.2.x86_64
libglvnd-glx-1.7.0-4.amzn2023.0.2.x86_64
libglvnd-opengl-1.7.0-4.amzn2023.0.2.x86_64
libglvnd-1.7.0-4.amzn2023.0.2.x86_64
libglvnd-debuginfo-1.7.0-4.amzn2023.0.2.x86_64
libglvnd-opengl-debuginfo-1.7.0-4.amzn2023.0.2.x86_64
libglvnd-egl-1.7.0-4.amzn2023.0.2.x86_64
libglvnd-egl-debuginfo-1.7.0-4.amzn2023.0.2.x86_64
libglvnd-core-devel-1.7.0-4.amzn2023.0.2.x86_64
libglvnd-gles-1.7.0-4.amzn2023.0.2.x86_64
libglvnd-glx-debuginfo-1.7.0-4.amzn2023.0.2.x86_64
libglvnd-devel-1.7.0-4.amzn2023.0.2.x86_64