]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 87ffd7c) | patch
libXrandr: fix for CVE-2016-7947 and CVE-2016-7948
authorSona Sarmadi <sona.sarmadi@enea.com>
Fri, 27 Jan 2017 11:59:35 +0000 (12:59 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Wed, 8 Feb 2017 12:00:00 +0000 (12:00 +0000)
commit1c293e889f6eeae36f8f6ddd9676c65d613ad0fc
tree7b9bd27910f005c47ff590e223139e1090432956tree
parent87ffd7ce2e8ece8b44ff3f1c219a74b3590cf14bcommit | diff
libXrandr: fix for CVE-2016-7947 and CVE-2016-7948

CVE-2016-7947
Insufficient validation of server responses result in Integer overflows

CVE-2016-7948
Insufficient validation of server responses result in various data mishandlings

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948
https://lists.x.org/archives/xorg-announce/2016-October/002720.html

Upstream patch for both CVEs:
https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
meta/recipes-graphics/xorg-lib/libxrandr/CVE-2016-7947_CVE-2016-7948.patch [new file with mode: 0644] blob
meta/recipes-graphics/xorg-lib/libxrandr_1.5.0.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib