libXfont: Changes to 'master'
Matthieu Herrb
herrb at kemper.freedesktop.org
Sat Sep 17 09:44:35 PDT 2011
src/fontfile/decompress.c | 29 ++++++++++++++++-------------
1 file changed, 16 insertions(+), 13 deletions(-)
New commits:
commit bd48ad11fd11412c62c3ac8ed5d52c4f10a985aa
Author: Joerg Sonnenberger <joerg at britannica.bec.de>
Date: Sun Aug 21 18:51:53 2011 +0200
Do proper input validation to fix for CVE-2011-2895.
It ensures that all valid input can be decompressed, checks that the
overflow conditions doesn't happen and generally tightens the
validation of the LZW stream and doesn't pessimize the inner loop for
no good reason. It's derived from a change in libarchive from 2004.
Signed-off-by: Matthieu Herrb <matthieu.herrb at laas.fr>
Reviewed-by: Tomas Hoger <thoger at redhat.com>
More information about the xorg-commit
mailing list