[ANNOUNCE] libdmx 1.1.3

Alan Coopersmith alan.coopersmith at oracle.com
Tue May 28 17:00:38 PDT 2013


libdmx is the Xlib-based DMX (Distributed Multihead X) extension library.

This bugfix release consists solely of the fixes for the overflows
recently reported under CVE-2013-1992.

Alan Coopersmith (5):
      Use _XEatDataWords to avoid overflow of rep.length bit shifting
      integer overflow in DMXGetScreenAttributes() [CVE-2013-1992 1/3]
      integer overflow in DMXGetWindowAttributes() [CVE-2013-1992 2/3]
      integer overflow in DMXGetInputAttributes() [CVE-2013-1992 3/3]
      libdmx 1.1.3

git tag: libdmx-1.1.3

http://xorg.freedesktop.org/archive/individual/lib/libdmx-1.1.3.tar.bz2
MD5:  ba983eba5a9f05d152a0725b8e863151
SHA1: 0eeac14a06cffb04a1c78793563f233a8f8b79be
SHA256: c97da36d2e56a2d7b6e4f896241785acc95e97eb9557465fd66ba2a155a7b201

http://xorg.freedesktop.org/archive/individual/lib/libdmx-1.1.3.tar.gz
MD5:  eed755e7cdb161e05f70e955f2b0ef4d
SHA1: 07497612b658dd2b247f87fb4248bf180e82d563
SHA256: c4b24d7e13e5a67ead7a18f0b4cc9b7b5363c9d04cd01b83b5122ff92b3b4996

-- 
	-Alan Coopersmith-              alan.coopersmith at oracle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-announce/attachments/20130528/115ef5e3/attachment.pgp>


More information about the xorg-announce mailing list