libXfont: Changes to 'master'
Alan Coopersmith
alanc at kemper.freedesktop.org
Wed Aug 10 15:41:23 PDT 2011
configure.ac | 2 +-
src/fontfile/decompress.c | 2 ++
2 files changed, 3 insertions(+), 1 deletion(-)
New commits:
commit a7970f5c817b5c75d945389cfaf1384ff23437f3
Author: Matthieu Herrb <matthieu.herrb at laas.fr>
Date: Mon Aug 8 18:08:05 2011 +0200
libXfont 1.4.4
Signed-off-by: Matthieu Herrb <matthieu.herrb at laas.fr>
Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
commit d11ee5886e9d9ec610051a206b135a4cdc1e09a0
Author: Thomas Hoger <thoger at redhat.com>
Date: Mon Aug 8 18:03:09 2011 +0200
LZW decompress: fix for CVE-2011-2895
Specially crafted LZW stream can crash an application using libXfont
that is used to open untrusted font files. With X server, this may
allow privilege escalation when exploited
Reviewed-by: Matthieu Herrb <matthieu.herrb at laas.fr>
Signed-off-by: Matthieu Herrb <matthieu.herrb at laas.fr>
Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
More information about the xorg-commit
mailing list