Bug#660411: libxi6: Memory corruption when used with recent X servers

To: Michael Karcher <debian@mkarcher.dialup.fu-berlin.de>, 660411@bugs.debian.org
Subject: Bug#660411: libxi6: Memory corruption when used with recent X servers
From: Julien Cristau <jcristau@debian.org>
Date: Sun, 19 Feb 2012 12:35:44 +0100
Message-id: <[🔎] 20120219113544.GD16069@radis.cristau.org>
Reply-to: Julien Cristau <jcristau@debian.org>, 660411@bugs.debian.org
In-reply-to: <[🔎] 20120218225534.10074.7261.reportbug@marathon.karcher.local>
References: <[🔎] 20120218225534.10074.7261.reportbug@marathon.karcher.local>

On Sat, Feb 18, 2012 at 23:55:34 +0100, Michael Karcher wrote:

> This behaviour is observable with current X servers in experimental. As
> heap corruption is a security problem (malign X servers could try to exploit
> client code using Xinput2), fixing this bug might be eligible for a stable
> update.
> 
> Commit
> http://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=635c2c029b1e73311c3f650bcaf7eeb9e782134b
> fixes the problem and applies (with offset and fuzz, though).
> 
Thanks.  I think there were a couple other changes that would be good to
include in the stable version.  I'll try to make sure at least this one
gets into the next update.

Cheers,
Julien

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- Bug#660411: libxi6: Memory corruption when used with recent X servers
  - From: Michael Karcher <debian@mkarcher.dialup.fu-berlin.de>

Prev by Date: Processed: Re: Bug#660395: xserver-xorg-input-joystick: FTBFS on kfreebsd-*
Next by Date: Processed: tagging 660411
Previous by thread: Bug#660411: libxi6: Memory corruption when used with recent X servers
Next by thread: Processed: tagging 660411
Index(es):
- Date
- Thread