[ANNOUNCE] libdmx 1.1.3
Alan Coopersmith
alan.coopersmith at oracle.com
Tue May 28 17:00:38 PDT 2013
libdmx is the Xlib-based DMX (Distributed Multihead X) extension library.
This bugfix release consists solely of the fixes for the overflows
recently reported under CVE-2013-1992.
Alan Coopersmith (5):
Use _XEatDataWords to avoid overflow of rep.length bit shifting
integer overflow in DMXGetScreenAttributes() [CVE-2013-1992 1/3]
integer overflow in DMXGetWindowAttributes() [CVE-2013-1992 2/3]
integer overflow in DMXGetInputAttributes() [CVE-2013-1992 3/3]
libdmx 1.1.3
git tag: libdmx-1.1.3
http://xorg.freedesktop.org/archive/individual/lib/libdmx-1.1.3.tar.bz2
MD5: ba983eba5a9f05d152a0725b8e863151
SHA1: 0eeac14a06cffb04a1c78793563f233a8f8b79be
SHA256: c97da36d2e56a2d7b6e4f896241785acc95e97eb9557465fd66ba2a155a7b201
http://xorg.freedesktop.org/archive/individual/lib/libdmx-1.1.3.tar.gz
MD5: eed755e7cdb161e05f70e955f2b0ef4d
SHA1: 07497612b658dd2b247f87fb4248bf180e82d563
SHA256: c4b24d7e13e5a67ead7a18f0b4cc9b7b5363c9d04cd01b83b5122ff92b3b4996
--
-Alan Coopersmith- alan.coopersmith at oracle.com
Oracle Solaris Engineering - http://blogs.oracle.com/alanc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-announce/attachments/20130528/115ef5e3/attachment.pgp>
More information about the xorg-announce
mailing list