author AlanCoopersmith <AlanCoopersmith@web> 2023-10-03 17:13:13 +0000
committer IkiWiki <ikiwiki.info> 2023-10-03 17:13:13 +0000
commit b96ff92000c5d6e1b347716e4b8cb01b2257befe
tree 445c780dd0dd7e03774615be249ab034f332726e /Development
parent ffcc4ea0847a467e5a388138a3976698048254f3
Add June 15 & Oct. 2 advisories
Diffstat (limited to 'Development')
-rw-r--r-- Development/Security.mdwn 15
1 files changed, 15 insertions, 0 deletions
diff --git a/Development/Security.mdwn b/Development/Security.mdwn
index c3fc52fb..e7e8840e 100644
--- a/Development/Security.mdwn
+++ b/Development/Security.mdwn
@@ -9,6 +9,21 @@ While the advisories are listed below by the most recent release they affect, mo
See the [[Security Checklist|Development/Security/Checklist]] for the list of things to go from a bug report to a released advisory.
## X.Org 7.7
+
+* October 2, 2023 Issues in libX11 prior to 1.8.7 & libXpm prior to 3.5.17
+ * CVE-2023-43785 libX11: out-of-bounds memory access in _XkbReadKeySyms()
+ * CVE-2023-43786 libX11: stack exhaustion from infinite recursion in PutSubImage()
+ * CVE-2023-43787 libX11: integer overflow in XCreateImage() leading to a heap overflow
+ * CVE-2023-43788 libXpm: out of bounds read in XpmCreateXpmImageFromBuffer()
+ * CVE-2023-43789 libXpm: out of bounds read on XPM with corrupted colormap
+ * Fixed in [[libX11 1.8.7|https://lists.x.org/archives/xorg-announce/2023-October/003426.html]] and [[libXpm 3.5.17|https://lists.x.org/archives/xorg-announce/2023-October/003425.html]]
+ * Please see [[the advisory|https://lists.x.org/archives/xorg-announce/2023-June/003406.html]] for more information
+
+* June 15, 2023 Buffer overflows in InitExt.c in libX11 prior to 1.8.6
+ * CVE-2023-3138 Sub-object overflows in libX11
+ * Fixed in [[libX11 1.8.6|https://lists.x.org/archives/xorg-announce/2023-June/003407.html]]
+ * Please see [[the advisory|https://lists.x.org/archives/xorg-announce/2023-June/003406.html]] for more information
+
* January 17, 2023 Issues handling XPM files in libXpm prior to 3.5.15
* CVE-2022-46285 Infinite loop on unclosed comments
* CVE-2022-44617 Runaway loop on width of 0 and enormous height
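Review bot: the "Please see [[the advisory|...]]" line in the new October 2, 2023 entry points at xorg-announce/2023-June/003406.html, which is the same URL the June 15 entry uses for CVE-2023-3138. The "Fixed in" links of the October entry go to the 2023-October archive, so this looks like a copy-paste from the June block. A reader following it for CVE-2023-43785 through CVE-2023-43789 would land on the wrong advisory. Please replace it with the link to the October 2 advisory message. Smaller style point: the new entries write "out-of-bounds" with hyphens for CVE-2023-43785 but "out of bounds" for CVE-2023-43788 and CVE-2023-43789; pick one form within the entry.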