aboutsummaryrefslogtreecommitdiff
path: root/debian/patches/1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch')
-rw-r--r--debian/patches/1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch29
1 files changed, 0 insertions, 29 deletions
diff --git a/debian/patches/1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch b/debian/patches/1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch
deleted file mode 100644
index 162bb218b..000000000
--- a/debian/patches/1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From af55da1e9c1a6a352b24823a8f7062c288ffbbc0 Mon Sep 17 00:00:00 2001
-From: Mike DePaulo <mikedep333@gmail.com>
-Date: Sun, 8 Feb 2015 19:15:20 -0500
-Subject: [PATCH 01/40] LZW decompress: fix for CVE-2011-2895 From
- xorg/lib/Xfont commit d11ee5886e9d9ec610051a206b135a4cdc1e09a0
-
- Specially crafted LZW stream can crash an application using libXfont
- that is used to open untrusted font files. With X server, this may
- allow privilege escalation when exploited
----
- nx-X11/lib/font/fontfile/decompress.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/nx-X11/lib/font/fontfile/decompress.c b/nx-X11/lib/font/fontfile/decompress.c
-index a4c5468..553b315 100644
---- a/nx-X11/lib/font/fontfile/decompress.c
-+++ b/nx-X11/lib/font/fontfile/decompress.c
-@@ -261,6 +261,8 @@ BufCompressedFill (BufFilePtr f)
- */
- while ( code >= 256 )
- {
-+ if (stackp - de_stack >= STACK_SIZE - 1)
-+ return BUFFILEEOF;
- *stackp++ = file->tab_suffix[code];
- code = file->tab_prefix[code];
- }
---
-2.1.4
-
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-03 03:12:04 +0000