
Bug#660411: marked as done (libxi6: Memory corruption when used with recent X servers)



Your message dated Thu, 03 May 2012 21:04:50 +0000
with message-id <E1SQ3Ck-00043H-LT@franck.debian.org>
and subject line Bug#660411: fixed in libxi 2:1.3-7
has caused the Debian Bug report #660411,
regarding libxi6: Memory corruption when used with recent X servers
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
660411: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660411
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: libxi6
Version: 2:1.3-6
Severity: important
Tags: upstream patch

libXi can cause heap corruption if it receives unknown device classes
in input devices, as it does not allocate any space to unknown classes,
yet it stores type and ID information of that class. If the unknown classes
are at the end of the list, 8 bytes following the allocated class info
block are corrupted.

This behaviour is observable with current X servers in experimental. As
heap corruption is a security problem (malign X servers could try to exploit
client code using Xinput2), fixing this bug might be eligible for a stable
update.

Commit
http://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=635c2c029b1e73311c3f650bcaf7eeb9e782134b
fixes the problem and applies (with offset and fuzz, though).

Regards,
  Michael Karcher

-- System Information:
Debian Release: 6.0.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i586)

Kernel: Linux 2.6.32-5-486
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libxi6 depends on:
ii  libc6                         2.11.3-2   Embedded GNU C Library: Shared lib
ii  libx11-6                      2:1.3.3-4  X11 client-side library
ii  libxext6                      2:1.1.2-1  X11 miscellaneous extension librar

libxi6 recommends no packages.

libxi6 suggests no packages.

-- no debconf information



--- End Message ---
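
The sizing/copy mismatch the report describes, as an added example that is not part of the original message and is not libXi code: a simplified model in which the type names, class sizes and guard-byte check are all assumptions. The `skip_unknown` flag shows one way to keep the two passes consistent.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model, not libXi source: names and sizes are assumptions. */
enum { CLASS_KEY = 0, CLASS_BUTTON = 1 };        /* the only known types */
struct wire_class { int32_t type, sourceid; };   /* 8-byte type + ID header */
#define CANARY 0xAA
#define GUARD  8   /* guard bytes after the block, so overruns are observable */

/* Constructed sample class lists; type 99 stands for an unknown class. */
static const struct wire_class SAMPLE_TAIL[] = { {CLASS_KEY, 2}, {99, 7} };
static const struct wire_class SAMPLE_MID[]  = { {CLASS_KEY, 2}, {99, 7}, {CLASS_BUTTON, 2} };

static size_t class_size(int32_t type) {
    switch (type) {
    case CLASS_KEY:    return sizeof(struct wire_class) + 16;
    case CLASS_BUTTON: return sizeof(struct wire_class) + 8;
    default:           return 0;   /* unknown class: no space reserved */
    }
}

/* Sizes the block, copies the classes, returns how many guard bytes changed. */
static int copy_classes(const struct wire_class *w, int n, int skip_unknown) {
    size_t len = 0;
    for (int i = 0; i < n; i++) len += class_size(w[i].type);   /* pass 1: size */
    unsigned char *buf = malloc(len + GUARD), *p = buf;
    int hit = 0;
    if (!buf) return -1;
    memset(buf, CANARY, len + GUARD);
    for (int i = 0; i < n; i++) {                               /* pass 2: copy */
        size_t sz = class_size(w[i].type);
        if (skip_unknown && sz == 0) continue;   /* hardened: leave buffer alone */
        memcpy(p, &w[i], sizeof w[i]);           /* flaw: runs even when sz == 0 */
        p += sz;
    }
    for (size_t i = len; i < len + GUARD; i++) hit += buf[i] != CANARY;
    free(buf);
    return hit;
}

int main(void) {
    printf("unknown last, unpatched:   %d guard bytes hit\n", copy_classes(SAMPLE_TAIL, 2, 0));
    printf("unknown middle, unpatched: %d guard bytes hit\n", copy_classes(SAMPLE_MID, 3, 0));
    printf("unknown last, hardened:    %d guard bytes hit\n", copy_classes(SAMPLE_TAIL, 2, 1));
    return 0;
}
```

An unknown class in the middle of the list is overwritten by the next known class, so only a trailing unknown class reaches past the block, which matches the report.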
--- Begin Message ---
Source: libxi
Source-Version: 2:1.3-7

We believe that the bug you reported is fixed in the latest version of
libxi, which is due to be installed in the Debian FTP archive:

libxi-dev_1.3-7_amd64.deb
  to main/libx/libxi/libxi-dev_1.3-7_amd64.deb
libxi6-dbg_1.3-7_amd64.deb
  to main/libx/libxi/libxi6-dbg_1.3-7_amd64.deb
libxi6-udeb_1.3-7_amd64.udeb
  to main/libx/libxi/libxi6-udeb_1.3-7_amd64.udeb
libxi6_1.3-7_amd64.deb
  to main/libx/libxi/libxi6_1.3-7_amd64.deb
libxi_1.3-7.diff.gz
  to main/libx/libxi/libxi_1.3-7.diff.gz
libxi_1.3-7.dsc
  to main/libx/libxi/libxi_1.3-7.dsc



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 660411@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julien Cristau <jcristau@debian.org> (supplier of updated libxi package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 02 May 2012 23:46:50 +0200
Source: libxi
Binary: libxi6 libxi6-udeb libxi6-dbg libxi-dev
Architecture: source amd64
Version: 2:1.3-7
Distribution: squeeze
Urgency: low
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
Description: 
 libxi-dev  - X11 Input extension library (development headers)
 libxi6     - X11 Input extension library
 libxi6-dbg - X11 Input extension library (debug package)
 libxi6-udeb - X11 Input extension library (udeb)
Closes: 660411 661021
Changes: 
 libxi (2:1.3-7) squeeze; urgency=low
 .
   * Cherry-pick patches from upstream:
     - Fix passive grabs
     - Fill in mods/group->effective in XIQueryPointer
     - Handle unknown device classes (closes: #661021, #660411)
Package-Type: udeb




--- End Message ---
