[ubuntu/focal-security] libx11 2:1.6.9-2ubuntu1.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Sep 2 12:54:54 UTC 2020
libx11 (2:1.6.9-2ubuntu1.1) focal-security; urgency=medium
* SECURITY UPDATE: integer overflow and heap overflow in XIM client
- debian/patches/CVE-2020-14344-1.patch: fix signed length values in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-2.patch: fix integer overflows in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-3.patch: fix more unchecked lengths in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-4.patch: zero out buffers in functions
in modules/im/ximcp/imDefIc.c, modules/im/ximcp/imDefIm.c.
- debian/patches/CVE-2020-14344-5.patch: change the data_len parameter
to CARD16 in modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-6.patch: fix size calculation in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-7.patch: fix input clients connecting
to server in modules/im/ximcp/imRmAttr.c.
- CVE-2020-14344
* SECURITY UPDATE: integer overflow and double free in locale handling
- debian/patches/CVE-2020-14363.patch: fix an integer overflow in
modules/om/generic/omGeneric.c.
- CVE-2020-14363
Date: 2020-08-31 16:57:13.088029+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libx11/2:1.6.9-2ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list