[Xcb-commit] Changes to 'xcb-1.9'
Alan Coopersmith
alanc at kemper.freedesktop.org
Thu May 23 14:41:42 PDT 2013
New branch 'xcb-1.9' available with the following commits:
commit 75680fde0dd4173e2bd8465cebb3e996a7236df1
Author: Alan Coopersmith <alan.coopersmith at oracle.com>
Date: Wed May 1 17:59:31 2013 -0700
integer overflow in read_packet() [CVE-2013-2064]
Ensure that when calculating the size of the incoming response from the
Xserver, we don't overflow the integer used in the calculations when we
multiply the int32_t length by 4 and add it to the default response size.
Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
(cherry picked from commit 1b33867fa996034deb50819ae54640be501f8d20)
More information about the xcb-commit
mailing list