aboutsummaryrefslogtreecommitdiff
path: root/nx-libs.spec
diff options
context:
space:
mode:
authorMike DePaulo <mikedep333@gmail.com>2015-02-08 21:03:33 -0500
committerMihai Moldovan <ionic@ionic.de>2015-02-16 05:54:00 +0100
commit31322c2bd9be76493a5a04a23ea68e063fe3b7e6 (patch)
tree95ad34e6d40c0d8687728ee4c682341d2e41c7d2 /nx-libs.spec
parentc0d0e373d4c42c7813b1955fc18f5c9f63c725e0 (diff)
downloadnx-libs-31322c2bd9be76493a5a04a23ea68e063fe3b7e6.tar.gz
nx-libs-31322c2bd9be76493a5a04a23ea68e063fe3b7e6.tar.bz2
nx-libs-31322c2bd9be76493a5a04a23ea68e063fe3b7e6.zip
CVE-2014-0210: unvalidated length in _fs_recv_conn_setup() from xorg/lib/libXfont commit 891e084b26837162b12f841060086a105edde86d
The connection setup reply from the font server can include a list of alternate servers to contact if this font server stops working. The reply specifies a total size of all the font server names, and then provides a list of names. _fs_recv_conn_setup() allocated the specified total size for copying the names to, but didn't check to make sure it wasn't copying more data to that buffer than the size it had allocated. v2: use xfree() instead of free() for nx-libs 3.6.x (Mihai Moldovan)
Diffstat (limited to 'nx-libs.spec')
0 files changed, 0 insertions, 0 deletions