Bug#852966: jessie-pu: package libxi/2:1.7.4-1+deb8u1

To: 852966@bugs.debian.org, Julien Cristau <jcristau@debian.org>
Subject: Bug#852966: jessie-pu: package libxi/2:1.7.4-1+deb8u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Fri, 17 Nov 2017 06:31:34 +0000
Message-id: <[🔎] 1510900294.3138.13.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 852966@bugs.debian.org
In-reply-to: <1485617922.1797.17.camel@adam-barratt.org.uk>
References: <20170128152359.nzdzmtd2vl6bvtca@betterave.cristau.org> <1485617922.1797.17.camel@adam-barratt.org.uk> <20170128152359.nzdzmtd2vl6bvtca@betterave.cristau.org>

Control: tags -1 + pending

On Sat, 2017-01-28 at 15:38 +0000, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Sat, 2017-01-28 at 16:23 +0100, Julien Cristau wrote:
> > I think this is the last one for this round.  It's also the one I'm
> > least confident about.  But it's been in sid and wheezy-lts for a
> > while,
> > and a couple of issues have already been found and fixed, so maybe
> > it's
> > ok.
> 
> Fingers crossed.
> 
> > +libxi (2:1.7.4-1+deb8u1) jessie; urgency=medium
> > +
> > +  * Insufficient validation of data from the X server can cause
> > out of
> > +    boundary memory access or endless loops.  Addresses CVE-2016-
> > 7945 and
> > +    CVE-2016-7946.
> 
> Please go ahead.
> 

Uploaded and flagged for acceptance.

Regards,

Adam

Reply to:

Prev by Date: Bug#852961: jessie-pu: package libxv/2:1.0.10-1+deb8u1
Next by Date: Processed: Re: Bug#852961: jessie-pu: package libxv/2:1.0.10-1+deb8u1
Previous by thread: Processed: Re: Bug#852961: jessie-pu: package libxv/2:1.0.10-1+deb8u1
Next by thread: Processed: Re: Bug#852966: jessie-pu: package libxi/2:1.7.4-1+deb8u1
Index(es):
- Date
- Thread