CVS: cvs.openbsd.org: xenocara

Alexander Bluhm Tue, 17 Jun 2025 06:18:49 -0700

CVSROOT:        /cvs
Module name:    xenocara
Changes by:     bl...@cvs.openbsd.org   2025/06/17 07:18:36


Modified files:
        xserver/dix    : Tag: OPENBSD_7_7 dispatch.c 
        xserver/hw/xfree86/modes: Tag: OPENBSD_7_7 xf86RandR12.c 
        xserver/os     : Tag: OPENBSD_7_7 io.c 
        xserver/randr  : Tag: OPENBSD_7_7 rrproviderproperty.c 
        xserver/record : Tag: OPENBSD_7_7 record.c 
        xserver/render : Tag: OPENBSD_7_7 animcur.c render.c 
        xserver/xfixes : Tag: OPENBSD_7_7 disconnect.c 

Log message:
Merge fixes from upstream for multiple Xserver issues:
CVE-2025-49175: Out-of-bounds access in X Rendering extension
(Animated cursors)
CVE-2025-49176: Integer overflow in Big Requests Extension
CVE-2025-49177: Data leak in XFIXES Extension 6
(XFixesSetClientDisconnectMode)
CVE-2025-49178: Unprocessed client request via bytes to ignore
CVE-2025-49179: Integer overflow in X Record extension
CVE-2025-49180: Integer overflow in RandR extension
(RRChangeProviderProperty)

from matthieu@

this is errata/7.7/006_xserver.patch

CVS: cvs.openbsd.org: xenocara

Reply via email to