From ae898ff13b4782239a152b43125aa1fc0b80ba3d Mon Sep 17 00:00:00 2001
From: Mihai Moldovan <ionic@ionic.de>
Date: Mon, 16 Feb 2015 09:35:47 +0100
Subject: CVE security review [1/2].

* CVE security review [1/2]:
  - Update 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch.
    Use xfree() instead of free() in nx-libs.
  - Update 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch.
    Apply correctly on nx-libs 3.6.x.
  - Update 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch.
    Human-readable version of "1 MB".
---
 debian/changelog | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'debian/changelog')

diff --git a/debian/changelog b/debian/changelog
index efe018cf4..4f6833df2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -197,6 +197,13 @@ nx-libs (2:3.5.0.29-0x2go2) UNRELEASED; urgency=medium
 
   [ Mihai Moldovan ]
   * Change string "X2go" to "X2Go" where appropriate.
+  * CVE security review:
+    - Update 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch.
+      Use xfree() instead of free() in nx-libs.
+    - Update 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch.
+      Apply correctly on nx-libs 3.6.x.
+    - Update 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch.
+      Human-readable version of "1 MB".
 
  -- Mike Gabriel <mike.gabriel@das-netzwerkteam.de>  Thu, 13 Nov 2014 21:59:00 +0100
 
-- 
cgit v1.2.3