[Pixman] CVE-2014-9766 assigned for integer overflow in pixman < 0.32.6
Alan Coopersmith
alan.coopersmith at oracle.com
Wed Feb 24 18:50:58 UTC 2016
See attached emails for discussion from the oss-security mailing list.
The quoted patch was applied to the master branch of the pixman git repo as:
https://cgit.freedesktop.org/pixman/commit/?id=857e40f3d2bc2cfb714913e0cd7e6184cf69aca3
and to the pixman-0.32 branch as:
https://cgit.freedesktop.org/pixman/commit/?id=50d7b5fa8ea2ae119f35c20ab0dd0413d5103cbb
It is included in pixman 0.32.6 and later releases.
--
-Alan Coopersmith- alan.coopersmith at oracle.com
X.Org Security Response Team - xorg-security at lists.x.org
-------------- next part --------------
An embedded message was scrubbed...
From: Gustavo Grieco <gustavo.grieco at gmail.com>
Subject: [oss-security] [Pixman] create_bits(): Cast the result of height * stride to size_t
Date: Wed, 24 Feb 2016 09:10:37 -0300
Size: 4487
URL: <https://lists.freedesktop.org/archives/pixman/attachments/20160224/ab5edf07/attachment.eml>
-------------- next part --------------
An embedded message was scrubbed...
From: cve-assign at mitre.org
Subject: [oss-security] Re: [Pixman] create_bits(): Cast the result of height * stride to size_t
Date: Wed, 24 Feb 2016 10:55:24 -0500 (EST)
Size: 4203
URL: <https://lists.freedesktop.org/archives/pixman/attachments/20160224/ab5edf07/attachment-0001.eml>
More information about the Pixman
mailing list