libXinerama: Changes to 'master'
Alan Coopersmith
alanc at kemper.freedesktop.org
Thu May 23 08:36:01 PDT 2013
configure.ac | 6 +++++
src/Xinerama.c | 61 ++++++++++++++++++++++++++++++++++++++++++---------------
2 files changed, 51 insertions(+), 16 deletions(-)
New commits:
commit 99c644fc8488657bdd106717df7446d606f9ef22
Author: Alan Coopersmith <alan.coopersmith at oracle.com>
Date: Fri Mar 8 19:55:55 2013 -0800
integer overflow in XineramaQueryScreens() [CVE-2013-1985]
If the reported number of screens is too large, the calculations to
allocate memory for them may overflow, leaving us writing beyond the
bounds of the allocation.
Reported-by: Ilja Van Sprundel <ivansprundel at ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
commit 7ce3ce4be46087f9cc57cb415875abaaa961f734
Author: Alan Coopersmith <alan.coopersmith at oracle.com>
Date: Sat May 4 09:21:14 2013 -0700
Use _XEatDataWords to avoid overflow of _XEatData calculations
rep.length is a CARD32, so rep.length << 2 could overflow in 32-bit builds
Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
More information about the xorg-commit
mailing list