CVSROOT: /cvs
Module name: xenocara
Changes by: [email protected] 2022/12/14 05:57:43
Modified files:
xserver/Xext : Tag: OPENBSD_7_1 saver.c xtest.c xvmain.c
xserver/Xi : Tag: OPENBSD_7_1 xipassivegrab.c xiproperty.c
xserver/dix : Tag: OPENBSD_7_1 property.c
xserver/xkb : Tag: OPENBSD_7_1 xkbUtils.c
Log message:
Fix serveral X server input validation errors that can cause varios issues:
* CVE-2022-46340/ZDI-CAN-19265: X.Org Server XTestSwapFakeInput stack
overflow
* CVE-2022-46341/ZDI-CAN-19381: X.Org Server XIPassiveUngrab
out-of-bounds access
* CVE-2022-46342/ZDI-CAN-19400: X.Org Server XvdiSelectVideoNotify
use-after-free
* CVE-2022-46343/ZDI-CAN-19404: X.Org Server ScreenSaverSetAttributes
use-after-free
* CVE-2022-46344/ZDI-CAN-19405: X.Org Server XIChangeProperty
out-of-bounds access
* CVE-2022-46283/ZDI-CAN-19530: X.Org Server XkbGetKbdByName use-after-free
from matthieu@
this is errata/7.1/015_xserver.patch.sig
