Julien Cristau pushed to branch debian-buster at X Strike Force / xserver / xorg-server
Commits:
-
dda3978c
by Matthieu Herrb at 2021-04-19T11:30:24+02:00
-
a34193d5
by Julien Cristau at 2021-04-19T11:34:48+02:00
2 changed files:
Changes:
... | ... | @@ -464,8 +464,11 @@ ProcXChangeFeedbackControl(ClientPtr client) |
464 | 464 |
break;
|
465 | 465 |
case StringFeedbackClass:
|
466 | 466 |
{
|
467 |
- xStringFeedbackCtl *f = ((xStringFeedbackCtl *) &stuff[1]);
|
|
467 |
+ xStringFeedbackCtl *f;
|
|
468 | 468 |
|
469 |
+ REQUEST_AT_LEAST_EXTRA_SIZE(xChangeFeedbackControlReq,
|
|
470 |
+ sizeof(xStringFeedbackCtl));
|
|
471 |
+ f = ((xStringFeedbackCtl *) &stuff[1]);
|
|
469 | 472 |
if (client->swapped) {
|
470 | 473 |
if (len < bytes_to_int32(sizeof(xStringFeedbackCtl)))
|
471 | 474 |
return BadLength;
|
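Review bot: The swapped-only guard at new lines 473-474 (`if (len < bytes_to_int32(sizeof(xStringFeedbackCtl))) return BadLength;`) now looks redundant with the unconditional `REQUEST_AT_LEAST_EXTRA_SIZE` check added above it, and nothing in the code records why that check must run before `f` is assigned. Assuming the macro rejects any request shorter than the request header plus `sizeof(xStringFeedbackCtl)` (its definition is not in this hunk), I would either drop the old guard or keep it as a deliberate second check, and in both cases add a comment above the macro such as `/* Request must be long enough to hold xStringFeedbackCtl before f is read on either byte-order path (CVE-2021-3472). */`. Before this change only the swapped path validated the length here, so the non-swapped path presumably read fields of `f` without that check; the comment keeps a later cleanup from removing the wrong one. The case body continues outside the hunk, so the later uses of `f` and `len` cannot be checked from here.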
1 |
+xorg-server (2:1.20.4-1+deb10u3) buster-security; urgency=high
|
|
2 |
+ |
|
3 |
+ * Fix XChangeFeedbackControl() request underflow (CVE-2021-3472)
|
|
4 |
+ |
|
5 |
+ -- Julien Cristau <jcristau@debian.org> Mon, 19 Apr 2021 11:34:38 +0200
|
|
6 |
+ |
|
1 | 7 |
xorg-server (2:1.20.4-1+deb10u2) buster-security; urgency=medium
|
2 | 8 |
|
3 | 9 |
* CVE-2020-14360 CVE-2020-25712
|