diff options
| author | Mihai Moldovan <ionic@ionic.de> | 2015-02-16 09:40:16 +0100 |
|---|---|---|
| committer | Mike Gabriel <mike.gabriel@das-netzwerkteam.de> | 2015-02-16 10:05:29 +0100 |
| commit | 650181c23b32378b4ec829880cc20700bf5b2ddf (patch) | |
| tree | 200a5ce858cd5af407759ea70d447956a5712f2d | |
| parent | ae898ff13b4782239a152b43125aa1fc0b80ba3d (diff) | |
| download | nx-libs-650181c23b32378b4ec829880cc20700bf5b2ddf.tar.gz nx-libs-650181c23b32378b4ec829880cc20700bf5b2ddf.tar.bz2 nx-libs-650181c23b32378b4ec829880cc20700bf5b2ddf.zip | |
CVE security review: Add 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch & 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch.
- Add 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch.
Initialize remaining bufleft variables (nx-X11/lib/font/fc/fserve.c).
- Add 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch.
Do proper input validation to fix for CVE-2011-2895.
4 files changed, 8 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog index 4f6833df2..523d7a5a2 100644 --- a/debian/changelog +++ b/debian/changelog @@ -204,6 +204,10 @@ nx-libs (2:3.5.0.29-0x2go2) UNRELEASED; urgency=medium Apply correctly on nx-libs 3.6.x. - Update 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch. Human-readable version of "1 MB". + - Add 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch. + Initialize remaining bufleft variables (nx-X11/lib/font/fc/fserve.c). + - Add 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch. + Do proper input validation to fix for CVE-2011-2895. -- Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Thu, 13 Nov 2014 21:59:00 +0100 diff --git a/debian/patches/1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch b/debian/patches/1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch index 4203bf674..b74b2d405 100644 --- a/debian/patches/1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch +++ b/debian/patches/1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch @@ -1,7 +1,7 @@ From b04f11915e29d9563d279e1326f61b50ea414dba Mon Sep 17 00:00:00 2001 From: Mihai Moldovan <ionic@ionic.de> Date: Mon, 16 Feb 2015 06:03:48 +0100 -Subject: [PATCH 07/15] nx-X11/lib/font/fc/fserve.c: initialize remaining +Subject: [PATCH 01/02] nx-X11/lib/font/fc/fserve.c: initialize remaining bufleft variables. --- diff --git a/debian/patches/1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch b/debian/patches/1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch index 9e5d00e98..04910353c 100644 --- a/debian/patches/1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch +++ b/debian/patches/1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch @@ -1,7 +1,7 @@ From 6acafc9334828da22446380c81af81bde14b5d86 Mon Sep 17 00:00:00 2001 From: Joerg Sonnenberger <joerg@britannica.bec.de> Date: Sun, 21 Aug 2011 18:51:53 +0200 -Subject: [PATCH 08/15] Do proper input validation to fix for CVE-2011-2895. +Subject: [PATCH 02/02] Do proper input validation to fix for CVE-2011-2895. It ensures that all valid input can be decompressed, checks that the overflow conditions doesn't happen and generally tightens the diff --git a/debian/patches/series b/debian/patches/series index c31d33d8d..379704c77 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -112,5 +112,7 @@ 1038-glx-Length-checking-for-non-generated-single-request.patch 1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch 1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch +1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch +1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch 0016_nx-X11_install-location.debian.patch 0102_xserver-xext_set-securitypolicy-path.debian.patch |