aboutsummaryrefslogtreecommitdiff
path: root/nx-X11
Commit message (Expand)AuthorAgeFilesLines
* Do proper input validation to fix for CVE-2011-2895.Joerg Sonnenberger2015-02-161-14/+17
* Revert "Do proper input validation to fix for CVE-2011-2895."Mike Gabriel2015-02-161-17/+14
* Do proper input validation to fix for CVE-2011-2895.Joerg Sonnenberger2015-02-161-14/+17
* nx-X11/lib/font/fc/fserve.c: initialize remaining bufleft variables.Mihai Moldovan2015-02-161-2/+2
* dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]Alan Coopersmith2015-02-161-0/+6
* Revert "dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]"Mihai Moldovan2015-02-161-6/+0
* CVE-2014-0210: unvalidated length in _fs_recv_conn_setup() from xorg/lib/libX...Mike DePaulo2015-02-161-3/+18
* Revert "CVE-2014-0210: unvalidated length in _fs_recv_conn_setup() from xorg/...Mihai Moldovan2015-02-161-18/+3
* CVE-2014-0210: unvalidated length fields in fs_read_query_info() from xorg/li...Mike DePaulo2015-02-162-8/+54
* Revert "CVE-2014-0210: unvalidated length fields in fs_read_query_info() from...Mihai Moldovan2015-02-162-52/+7
* glx: Pass remaining request length into ->varsize (v2) [CVE-2014-8098 8/8] (V3)Adam Jackson2015-02-144-107/+121
* glx: Length checking for RenderLarge requests (v2) [CVE-2014-8098 3/8] (v3)Adam Jackson2015-02-142-46/+71
* glx: Length checking for non-generated single requests (v2) [CVE-2014-8098 7/8]Adam Jackson2015-02-144-20/+52
* glx: Top-level length checking for swapped VendorPrivate requests [CVE-2014-8...Adam Jackson2015-02-141-0/+4
* glx: Integer overflow protection for non-generated render requests (v3) [CVE-...Adam Jackson2015-02-141-31/+37
* glx: Length checking for GLXRender requests (v2) [CVE-2014-8098 2/8] (v3)Julien Cristau2015-02-142-20/+20
* glx: Add safe_{add,mul,pad} (v3) [CVE-2014-8093 4/6] (v4)Adam Jackson2015-02-141-0/+41
* glx: Additional paranoia in __glXGetAnswerBuffer / __GLX_GET_ANSWER_BUFFER (v...Adam Jackson2015-02-141-1/+2
* glx: Be more strict about rejecting invalid image sizes [CVE-2014-8093 2/6]Adam Jackson2015-02-142-14/+14
* glx: Be more paranoid about variable-length requests [CVE-2014-8093 1/6] (v2)Adam Jackson2015-02-142-4/+4
* randr: unvalidated lengths in RandR extension swapped procs [CVE-2014-8101]Alan Coopersmith2015-02-141-0/+3
* xfixes: unvalidated length in SProcXFixesSelectSelectionInput [CVE-2014-8102]Alan Coopersmith2015-02-141-0/+1
* render: unvalidated lengths in Render extn. swapped procs [CVE-2014-8100 2/2]Alan Coopersmith2015-02-141-1/+16
* render: check request size before reading it [CVE-2014-8100 1/2]Julien Cristau2015-02-141-1/+2
* Xv: unvalidated lengths in XVideo extension swapped procs [CVE-2014-8099]Alan Coopersmith2015-02-141-0/+20
* xcmisc: unvalidated length in SProcXCMiscGetXIDList() [CVE-2014-8096]Alan Coopersmith2015-02-141-0/+1
* Xi: unvalidated lengths in Xinput extension [CVE-2014-8095]Alan Coopersmith2015-02-144-2/+11
* dbe: unvalidated lengths in DbeSwapBuffers calls [CVE-2014-8097]Alan Coopersmith2015-02-141-3/+8
* dix: integer overflow in REQUEST_FIXED_SIZE() [CVE-2014-8092 4/4]Alan Coopersmith2015-02-141-1/+4
* dix: integer overflow in RegionSizeof() [CVE-2014-8092 3/4]Alan Coopersmith2015-02-142-15/+34
* dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]Alan Coopersmith2015-02-141-0/+6
* dix: integer overflow in ProcPutImage() [CVE-2014-8092 1/4]Alan Coopersmith2015-02-141-1/+3
* unchecked malloc may allow unauthed client to crash Xserver [CVE-2014-8091]Alan Coopersmith2015-02-141-0/+4
* CVE-2014-0210: unvalidated length fields in fs_read_list_info() from xorg/lib...Mike DePaulo2015-02-141-1/+55
* CVE-2014-0210: unvalidated length fields in fs_read_list() from xorg/lib/libX...Mike DePaulo2015-02-141-0/+15
* CVE-2014-0210: unvalidated length fields in fs_read_glyphs() from xorg/lib/li...Mike DePaulo2015-02-141-1/+28
* CVE-2014-0210: unvalidated length fields in fs_read_extent_info() from xorg/l...Mike DePaulo2015-02-141-0/+10
* CVE-2014-0211: integer overflow in fs_alloc_glyphs() from xorg/lib/libXfont c...Mike DePaulo2015-02-141-1/+6
* CVE-2014-0211: integer overflow in fs_read_extent_info() from xorg/lib/libXfo...Mike DePaulo2015-02-141-1/+11
* CVE-2014-0210: unvalidated length fields in fs_read_query_info() from xorg/li...Mike DePaulo2015-02-142-7/+52
* CVE-2014-0211: Integer overflow in fs_get_reply/_fs_start_read from xorg/lib/...Mike DePaulo2015-02-141-0/+18
* CVE-2014-0210: unvalidated lengths when reading replies from font server from...Mike DePaulo2015-02-141-6/+38
* Don't crash when we receive an FS_Error from the font server (Guillem Jover)....Mike DePaulo2015-02-141-1/+1
* CVE-2014-0210: unvalidated length in _fs_recv_conn_setup() from xorg/lib/libX...Mike DePaulo2015-02-141-3/+18
* CVE-2014-0209: integer overflow of realloc() size in lexAlias() from xorg/lib...Mike DePaulo2015-02-141-0/+4
* CVE-2014-0209: integer overflow of realloc() size in FontFileAddEntry() from ...Mike DePaulo2015-02-141-0/+5
* CVE-2013-6462: unlimited sscanf overflows stack buffer in bdfReadCharacters()...Mike DePaulo2015-02-141-1/+1
* Avoid use-after-free in dix/dixfonts.c: doImageText() [CVE-2013-4396] from xo...Mike DePaulo2015-02-141-0/+5
* Fix CVE-2011-4028: File disclosure vulnerability. upstream xorg/xserver commi...Mike DePaulo2015-02-141-1/+1
* LZW decompress: fix for CVE-2011-2895 From xorg/lib/Xfont commit d11ee5886e9d...Mike DePaulo2015-02-141-0/+2