From 650181c23b32378b4ec829880cc20700bf5b2ddf Mon Sep 17 00:00:00 2001 From: Mihai Moldovan Date: Mon, 16 Feb 2015 09:40:16 +0100 Subject: CVE security review: Add 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch & 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch. - Add 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch. Initialize remaining bufleft variables (nx-X11/lib/font/fc/fserve.c). - Add 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch. Do proper input validation to fix for CVE-2011-2895. --- debian/changelog | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'debian/changelog') diff --git a/debian/changelog b/debian/changelog index 4f6833df2..523d7a5a2 100644 --- a/debian/changelog +++ b/debian/changelog @@ -204,6 +204,10 @@ nx-libs (2:3.5.0.29-0x2go2) UNRELEASED; urgency=medium Apply correctly on nx-libs 3.6.x. - Update 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch. Human-readable version of "1 MB". + - Add 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch. + Initialize remaining bufleft variables (nx-X11/lib/font/fc/fserve.c). + - Add 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch. + Do proper input validation to fix for CVE-2011-2895. -- Mike Gabriel Thu, 13 Nov 2014 21:59:00 +0100 -- cgit v1.2.3