
libxfixes: Changes to 'debian-jessie'



New branch 'debian-jessie' available with the following commits:
commit dbcea9fceb885ce42bc173a31dc6c176b7820e90
Author: Julien Cristau <jcristau@debian.org>
Date:   Sat Jan 7 16:30:35 2017 +0100

    Upload to jessie

commit 6e43fc2771e0ac0d90525a9f6502da1a0fc7f2a2
Author: Tobias Stoeckmann <tobias@stoeckmann.org>
Date:   Sun Sep 25 22:38:44 2016 +0200

    Integer overflow on illegal server response
    
    The 32 bit field "rep.length" is not checked for validity, which allows
    an integer overflow on 32 bit systems.
    
    A malicious server could send INT_MAX as length, which gets multiplied
    by the size of XRectangle. In that case the client won't read the whole
    data from server, getting out of sync.
    
    Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
    Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
    (cherry picked from commit 61c1039ee23a2d1de712843bed3480654d7ef42e)
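
The size arithmetic behind the commit message above, as an added example (not code from libXfixes or from the commit): the unchecked 32-bit computation next to a bounds-checked one. Assumptions: `rect8_t` stands in for the 8-byte XRectangle, the reply length counts 4-byte units, and `uint32_t` models a 32-bit client's arithmetic; all function names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-in for XRectangle: four 16-bit fields, 8 bytes. */
typedef struct { int16_t x, y; uint16_t width, height; } rect8_t;

/* Unchecked: bytes the client expects to read, computed in 32 bits.
 * For large lengths the shift wraps modulo 2^32. */
uint32_t unchecked_reply_bytes(uint32_t rep_length)
{
    return rep_length << 2;
}

/* Unchecked: allocation size for the rectangle array, also in 32 bits. */
uint32_t unchecked_alloc_bytes(uint32_t rep_length)
{
    uint32_t nrects = rep_length >> 1;          /* two 4-byte units per rect */
    return nrects * (uint32_t)sizeof(rect8_t);  /* can wrap modulo 2^32 */
}

/* Checked: accept the length only if the byte count fits a signed 32-bit
 * value. On rejection the outputs are zeroed so the caller can drop the
 * reply instead of allocating and reading a wrong amount. */
bool checked_reply_sizes(uint32_t rep_length, uint32_t *nrects, uint32_t *nbytes)
{
    if (rep_length >= ((uint32_t)INT32_MAX >> 2)) {
        *nrects = 0;
        *nbytes = 0;
        return false;
    }
    *nbytes = rep_length << 2;                  /* cannot wrap after the check */
    *nrects = *nbytes / (uint32_t)sizeof(rect8_t);
    return true;
}

int main(void)
{
    uint32_t hostile = (uint32_t)INT32_MAX;     /* constructed sample length */
    uint32_t nrects, nbytes;

    printf("server sends  : %llu bytes\n", (unsigned long long)hostile * 4);
    printf("client expects: %u bytes (wrapped)\n", unchecked_reply_bytes(hostile));
    printf("alloc request : %u bytes (wrapped)\n", unchecked_alloc_bytes(hostile));
    printf("checked path  : %s\n",
           checked_reply_sizes(hostile, &nrects, &nbytes) ? "accepted" : "rejected");
    return 0;
}
```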

