#9881: xorg-server-1.19.5
-------------------------+-----------------------
Reporter: bdubbs@… | Owner: ken@…
Type: enhancement | Status: assigned
Priority: high | Milestone: 8.2
Component: BOOK | Version: SVN
Severity: normal | Resolution:
Keywords: |
-------------------------+-----------------------
Changes (by ken@…):
* owner: blfs-book@… => ken@…
* status: new => assigned
Comment:
One regression fix since 1.19.4 (mea culpa), and fixes for CVEs 2017-
12176 through 2017-12187. C is a terrible language, please stop writing
code in it.
Adam Jackson (2):
Revert "xf86-video-modesetting: Add ms_queue_vblank helper [v3]"
xserver 1.19.5
Michal Srb (1):
os: Make sure big requests have sufficient length.
Nathan Kidd (7):
Unvalidated lengths
xfixes: unvalidated lengths (CVE-2017-12183)
hw/xfree86: unvalidated lengths
Xi: integer overflow and unvalidated length in
(S)ProcXIBarrierReleasePointer
Xi: fix wrong extra length check in ProcXIChangeHierarchy
(CVE-2017-12178)
dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo
(CVE-2017-12177)
Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176)
The CVEs are still currently marked as 'Reserved'.
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/9881#comment:2>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
