aboutsummaryrefslogtreecommitdiff
path: root/nx-X11
Commit message (Expand)AuthorAgeFilesLines
* xkb: Check strings length against request sizeOlivier Fourdan2015-02-171-25/+41
* xkb: Don't swap XkbSetGeometry data in the input bufferOlivier Fourdan2015-02-171-16/+19
* include: introduce byte counting functions.Peter Hutterer2015-02-171-0/+30
* Coverity #844, #845, #846: Fix memory leaks.Daniel Stone2015-02-171-3/+19
* Make nxagent process aware of its current NX'ish version.Mike Gabriel2015-02-175-5/+40
* nx-X11/programs/Xserver/hw/nxagent/: Drop unused VERSION file.Mike Gabriel2015-02-161-1/+0
* Do proper input validation to fix for CVE-2011-2895.Joerg Sonnenberger2015-02-161-14/+17
* Revert "Do proper input validation to fix for CVE-2011-2895."Mike Gabriel2015-02-161-17/+14
* Do proper input validation to fix for CVE-2011-2895.Joerg Sonnenberger2015-02-161-14/+17
* nx-X11/lib/font/fc/fserve.c: initialize remaining bufleft variables.Mihai Moldovan2015-02-161-2/+2
* dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]Alan Coopersmith2015-02-161-0/+6
* Revert "dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]"Mihai Moldovan2015-02-161-6/+0
* CVE-2014-0210: unvalidated length in _fs_recv_conn_setup() from xorg/lib/libX...Mike DePaulo2015-02-161-3/+18
* Revert "CVE-2014-0210: unvalidated length in _fs_recv_conn_setup() from xorg/...Mihai Moldovan2015-02-161-18/+3
* CVE-2014-0210: unvalidated length fields in fs_read_query_info() from xorg/li...Mike DePaulo2015-02-162-8/+54
* Revert "CVE-2014-0210: unvalidated length fields in fs_read_query_info() from...Mihai Moldovan2015-02-162-52/+7
* glx: Pass remaining request length into ->varsize (v2) [CVE-2014-8098 8/8] (V3)Adam Jackson2015-02-144-107/+121
* glx: Length checking for RenderLarge requests (v2) [CVE-2014-8098 3/8] (v3)Adam Jackson2015-02-142-46/+71
* glx: Length checking for non-generated single requests (v2) [CVE-2014-8098 7/8]Adam Jackson2015-02-144-20/+52
* glx: Top-level length checking for swapped VendorPrivate requests [CVE-2014-8...Adam Jackson2015-02-141-0/+4
* glx: Integer overflow protection for non-generated render requests (v3) [CVE-...Adam Jackson2015-02-141-31/+37
* glx: Length checking for GLXRender requests (v2) [CVE-2014-8098 2/8] (v3)Julien Cristau2015-02-142-20/+20
* glx: Add safe_{add,mul,pad} (v3) [CVE-2014-8093 4/6] (v4)Adam Jackson2015-02-141-0/+41
* glx: Additional paranoia in __glXGetAnswerBuffer / __GLX_GET_ANSWER_BUFFER (v...Adam Jackson2015-02-141-1/+2
* glx: Be more strict about rejecting invalid image sizes [CVE-2014-8093 2/6]Adam Jackson2015-02-142-14/+14
* glx: Be more paranoid about variable-length requests [CVE-2014-8093 1/6] (v2)Adam Jackson2015-02-142-4/+4
* randr: unvalidated lengths in RandR extension swapped procs [CVE-2014-8101]Alan Coopersmith2015-02-141-0/+3
* xfixes: unvalidated length in SProcXFixesSelectSelectionInput [CVE-2014-8102]Alan Coopersmith2015-02-141-0/+1
* render: unvalidated lengths in Render extn. swapped procs [CVE-2014-8100 2/2]Alan Coopersmith2015-02-141-1/+16
* render: check request size before reading it [CVE-2014-8100 1/2]Julien Cristau2015-02-141-1/+2
* Xv: unvalidated lengths in XVideo extension swapped procs [CVE-2014-8099]Alan Coopersmith2015-02-141-0/+20
* xcmisc: unvalidated length in SProcXCMiscGetXIDList() [CVE-2014-8096]Alan Coopersmith2015-02-141-0/+1
* Xi: unvalidated lengths in Xinput extension [CVE-2014-8095]Alan Coopersmith2015-02-144-2/+11
* dbe: unvalidated lengths in DbeSwapBuffers calls [CVE-2014-8097]Alan Coopersmith2015-02-141-3/+8
* dix: integer overflow in REQUEST_FIXED_SIZE() [CVE-2014-8092 4/4]Alan Coopersmith2015-02-141-1/+4
* dix: integer overflow in RegionSizeof() [CVE-2014-8092 3/4]Alan Coopersmith2015-02-142-15/+34
* dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]Alan Coopersmith2015-02-141-0/+6
* dix: integer overflow in ProcPutImage() [CVE-2014-8092 1/4]Alan Coopersmith2015-02-141-1/+3
* unchecked malloc may allow unauthed client to crash Xserver [CVE-2014-8091]Alan Coopersmith2015-02-141-0/+4
* CVE-2014-0210: unvalidated length fields in fs_read_list_info() from xorg/lib...Mike DePaulo2015-02-141-1/+55
* CVE-2014-0210: unvalidated length fields in fs_read_list() from xorg/lib/libX...Mike DePaulo2015-02-141-0/+15
* CVE-2014-0210: unvalidated length fields in fs_read_glyphs() from xorg/lib/li...Mike DePaulo2015-02-141-1/+28
* CVE-2014-0210: unvalidated length fields in fs_read_extent_info() from xorg/l...Mike DePaulo2015-02-141-0/+10
* CVE-2014-0211: integer overflow in fs_alloc_glyphs() from xorg/lib/libXfont c...Mike DePaulo2015-02-141-1/+6
* CVE-2014-0211: integer overflow in fs_read_extent_info() from xorg/lib/libXfo...Mike DePaulo2015-02-141-1/+11
* CVE-2014-0210: unvalidated length fields in fs_read_query_info() from xorg/li...Mike DePaulo2015-02-142-7/+52
* CVE-2014-0211: Integer overflow in fs_get_reply/_fs_start_read from xorg/lib/...Mike DePaulo2015-02-141-0/+18
* CVE-2014-0210: unvalidated lengths when reading replies from font server from...Mike DePaulo2015-02-141-6/+38
* Don't crash when we receive an FS_Error from the font server (Guillem Jover)....Mike DePaulo2015-02-141-1/+1
* CVE-2014-0210: unvalidated length in _fs_recv_conn_setup() from xorg/lib/libX...Mike DePaulo2015-02-141-3/+18