libxtst: Changes to 'debian-jessie'

To: debian-x@lists.debian.org
Subject: libxtst: Changes to 'debian-jessie'
From: Julien Cristau <jcristau@moszumanska.debian.org>
Date: Sat, 09 Sep 2017 11:21:33 +0000
Message-id: <[🔎] E1dqdpN-0003qn-IR@moszumanska.debian.org>

New branch 'debian-jessie' available with the following commits:
commit ae3b5dce2658fed8df9c964ad2c2a2b8d9721aca
Author: Julien Cristau <jcristau@debian.org>
Date:   Sat Jan 28 15:54:00 2017 +0100

    Upload to jessie

commit 461dc6db35398d9bb30b17580389c4ac400c905b
Author: Tobias Stoeckmann <tobias@stoeckmann.org>
Date:   Sun Sep 25 21:37:01 2016 +0200

    Out of boundary access and endless loop in libXtst
    
    A lack of range checks in libXtst allows out of boundary accesses.
    The checks have to be done in-place here, because it cannot be done
    without in-depth knowledge of the read data.
    
    If XRecordStartOfData, XRecordEndOfData, or XRecordClientDied
    without a client sequence have attached data, an endless loop would
    occur. The do-while-loop continues until the current index reaches
    the end. But in these cases, the current index would not be
    incremented, leading to an endless processing.
    
    Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
    Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
    (cherry picked from commit 9556ad67af3129ec4a7a4f4b54a0d59701beeae3)

Reply to:

Prev by Date: libxfixes: Changes to 'refs/tags/libxfixes-1_5.0.1-2+deb8u1'
Next by Date: libxtst: Changes to 'refs/tags/libxtst-2_1.2.2-1+deb8u1'
Previous by thread: libxfixes: Changes to 'refs/tags/libxfixes-1_5.0.1-2+deb8u1'
Next by thread: libxtst: Changes to 'refs/tags/libxtst-2_1.2.2-1+deb8u1'
Index(es):
- Date
- Thread