Bug#401956: libx11-6: contents of .XCompose file are leaked to subprocesses (possibly unprivileged)
On Thu, Dec 7, 2006 at 20:32:29 +0100, Julien Cristau wrote:
> On Thu, Dec 7, 2006 at 10:31:45 -0800, Jamey Sharp wrote:
>
> > forwarded 401956 https://bugs.freedesktop.org/show_bug.cgi?id=8699
> > tags 401956 + upstream fixed-upstream fixed-in-experimental
> > thanks
> >
> > This is upstream bug #8699, fixed in libX11 1.1-RC2 and later with this
> > commit:
> > http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git;a=commitdiff_plain;h=686bb8b35acf6cecae80fe89b2b5853f5816ce19
> >
> > According to the upstream bug report, it has been assigned
> > CVE-2006-5397.
> >
> This was fixed in libx11 2:1.0.3-3 (#398460).
>
However, I just noticed a similar bug related to Compose file parsing:
https://bugs.freedesktop.org/show_bug.cgi?id=9279
Cheers,
Julien
Reply to: