libXfont: Changes to 'master'
Julien Cristau
jcristau at kemper.freedesktop.org
Wed Oct 4 19:07:29 UTC 2017
src/bitmap/pcfread.c | 13 +++++++++++--
src/fontfile/fontdir.c | 4 +++-
2 files changed, 14 insertions(+), 3 deletions(-)
New commits:
commit 672bb944311392e2415b39c0d63b1e1902905bcd
Author: Michal Srb <msrb at suse.com>
Date: Thu Jul 20 17:05:23 2017 +0200
pcfGetProperties: Check string boundaries (CVE-2017-13722)
Without the checks a malformed PCF file can cause the library to make
atom from random heap memory that was behind the `strings` buffer.
This may crash the process or leak information.
Signed-off-by: Julien Cristau <jcristau at debian.org>
commit d1e670a4a8704b8708e493ab6155589bcd570608
Author: Michal Srb <msrb at suse.com>
Date: Thu Jul 20 13:38:53 2017 +0200
Check for end of string in PatternMatch (CVE-2017-13720)
If a pattern contains '?' character, any character in the string is skipped,
even if it is '\0'. The rest of the matching then reads invalid memory.
Reviewed-by: Peter Hutterer <peter.hutterer at who-t.net>
Signed-off-by: Julien Cristau <jcristau at debian.org>
More information about the xorg-commit
mailing list