Bug#906042: stretch-pu: package libxcursor/1:1.1.14-1+deb9u2
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian.org@packages.debian.org
Usertags: pu
Dear stable release manager,
Please consider libxcursor (1:1.1.14-1+deb9u2) for stretch:
libxcursor (1:1.1.14-1+deb9u2) stretch; urgency=high
* Fix a denial of service or potentially code execution via
a one-byte heap overflow. (CVE-2015-9262) Closes: #906012)
The full diff is attached.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
diff --git a/debian/changelog b/debian/changelog
index a0673f8..ac26e16 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+libxcursor (1:1.1.14-1+deb9u2) stretch; urgency=high
+
+ * Fix a denial of service or potentially code execution via
+ a one-byte heap overflow. (CVE-2015-9262) Closes: #906012)
+
+ -- Chris Lamb <lamby@debian.org> Mon, 13 Aug 2018 09:09:13 +0200
+
libxcursor (1:1.1.14-1+deb9u1) stretch-security; urgency=high
* Non-maintainer upload by the Security Team.
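Review bot: the parentheses in the new changelog entry are unbalanced: `a one-byte heap overflow. (CVE-2015-9262) Closes: #906012)` opens one group and closes two, so the bug-closing annotation reads oddly in the rendered changelog. Suggest `(CVE-2015-9262, Closes: #906012)` or `(CVE-2015-9262) (Closes: #906012)`; the `Closes:` keyword itself is still parsed either way, but the entry should be tidy before it lands in stable.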
diff --git a/debian/patches/CVE-2015-9262.patch b/debian/patches/CVE-2015-9262.patch
new file mode 100644
index 0000000..1191b93
--- /dev/null
+++ b/debian/patches/CVE-2015-9262.patch
@@ -0,0 +1,23 @@
+commit 897213f36baf6926daf6d192c709cf627aa5fd05
+Author: shubham shrivastav <shubham.sh@samsung.com>
+Date: Fri Jun 5 13:36:22 2015 -0700
+
+ Insufficient memory for terminating null of string in _XcursorThemeInherits
+
+ Fix does one byte of memory allocation for null termination of string.
+ https://bugs.freedesktop.org/show_bug.cgi?id=90857
+
+ Reviewed-by: Keith Packard <keithp@keithp.com>
+ Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+
+--- libxcursor-1.1.14.orig/src/library.c
++++ libxcursor-1.1.14/src/library.c
+@@ -180,7 +180,7 @@ _XcursorThemeInherits (const char *full)
+ if (*l != '=') continue;
+ l++;
+ while (*l == ' ') l++;
+- result = malloc (strlen (l));
++ result = malloc (strlen (l) + 1);
+ if (result)
+ {
+ r = result;
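Review bot: the new debian/patches/CVE-2015-9262.patch carries the raw upstream commit header (commit 897213f36baf6926daf6d192c709cf627aa5fd05, author, freedesktop bug URL) but no DEP-3 fields, so tooling that reads patch metadata gets nothing. Suggest prefixing it with `Origin: upstream, commit 897213f36baf6926daf6d192c709cf627aa5fd05`, `Bug: https://bugs.freedesktop.org/show_bug.cgi?id=90857` and `Bug-Debian: https://bugs.debian.org/906012`. The one-line change itself, `malloc (strlen (l))` to `malloc (strlen (l) + 1)`, reserves the byte for the terminating NUL that the copy starting at `r = result;` writes, which matches the one-byte heap overflow the changelog describes; nothing else in `_XcursorThemeInherits` is touched.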
diff --git a/debian/patches/series b/debian/patches/series
index b5ab2b3..6570382 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
+CVE-2015-9262.patch
Fix-heap-overflows-when-parsing-malicious-files.-CVE.patch
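Review bot: the new entry is prepended to debian/patches/series (`+CVE-2015-9262.patch` placed before the existing `Fix-heap-overflows-when-parsing-malicious-files.-CVE.patch`), so the older patch now applies on top of the new one, whereas patches are conventionally appended in upload order. Either append it after the existing entry or confirm that `quilt push -a` still applies both cleanly against the 1.1.14 source before upload.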