
Bug#889681: wayland: CVE-2017-16612



Source: wayland
Version: 1.6.0-1
Severity: important
Tags: patch security upstream
Forwarded: https://bugs.freedesktop.org/show_bug.cgi?id=103961

Hi,

the following vulnerability was published for wayland.

CVE-2017-16612[0]:
| libXcursor before 1.1.15 has various integer overflows that could lead
| to heap buffer overflows when processing malicious cursors, e.g., with
| programs like GIMP. It is also possible that an attack vector exists
| against the related code in cursor/xcursor.c in Wayland through
| 1.14.0.

Note, I asked MITRE for advice if the CVE should apply as well to
wayland leading to the above updated description.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-16612
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16612
[1] https://bugs.freedesktop.org/show_bug.cgi?id=103961
[2] https://cgit.freedesktop.org/wayland/wayland/commit/?id=5d201df72f3d4f4cb8b8f75f980169b03507da38
[3] https://lists.freedesktop.org/archives/wayland-devel/2017-November/035979.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

