CVS: cvs.openbsd.org: xenocara

Matthieu Herrb Tue, 17 Jun 2025 06:10:20 -0700

CVSROOT:        /cvs
Module name:    xenocara
Changes by:     matth...@cvs.openbsd.org        2025/06/17 07:10:07


Modified files:
        xserver/dix    : dispatch.c 
        xserver/hw/xfree86/modes: xf86RandR12.c 
        xserver/os     : io.c 
        xserver/randr  : rrproviderproperty.c 
        xserver/record : record.c 
        xserver/render : animcur.c render.c 
        xserver/xfixes : disconnect.c 

Log message:
Merge fixes from upstream for multiple Xserver issues:
CVE-2025-49175: Out-of-bounds access in X Rendering extension
(Animated cursors)
CVE-2025-49176: Integer overflow in Big Requests Extension
CVE-2025-49177: Data leak in XFIXES Extension 6
(XFixesSetClientDisconnectMode)
CVE-2025-49178: Unprocessed client request via bytes to ignore
CVE-2025-49179: Integer overflow in X Record extension
CVE-2025-49180: Integer overflow in RandR extension
(RRChangeProviderProperty)

CVS: cvs.openbsd.org: xenocara

Reply via email to