libxkbcommon 0.8.2, CVE-2018-15853 through to 15864. These fix a number of memory handling issues with xkbcommon. Together with the keymap FD handling in various Wayland compositors (keymaps could be mapped rw and clients could thus replace the content) libxkbcommon's memory issues could serve as attack vector to gain access to another client. The update to 0.8.2 is a lot easier and safer than backporting all patches, given the number of other fixes not (yet?) assigned a CVE.
sudo dnf upgrade --advisory=FEDORA-2018-11ed8d95e2
Please login to add feedback.