Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:5949
patchinfo
_patchinfo
Overview
Details
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo
<patchinfo incident="5949"> <issue id="1002991" tracker="bnc">VUL-0: CVE-2016-7942, CVE-2016-7943: xorg-x11-libX11,libX11: insufficient validation of data from the X server</issue> <issue id="1002998" tracker="bnc">VUL-0: CVE-2016-7945, CVE-2016-7946: libXi: Integer overflows causes mishandling of reply data from the X server</issue> <issue id="1003000" tracker="bnc">VUL-0: CVE-2016-7947, CVE-2016-7948: libXrandr: insufficient validation of data can cause out of boundary memory writes.</issue> <issue id="2016-7942" tracker="cve" /> <issue id="2016-7945" tracker="cve" /> <issue id="2016-7946" tracker="cve" /> <issue id="2016-7947" tracker="cve" /> <issue id="2016-7948" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>sndirsch</packager> <description> This update for X Window System client libraries fixes a class of privilege escalation issues. A malicious X server could send specially crafted data to X clients, which allowed for triggering crashes, or privilege escalation if this relationship was untrusted or crossed user or permission level boundaries. The following libraries have been fixed: libX11: - plugged a memory leak (boo#1002991, CVE-2016-7942). - insufficient validation of data from the X server can cause out of boundary memory read (XGetImage()) or write (XListFonts()) (boo#1002991, CVE-2016-7942). libXi: - Integer overflows in libXi can cause out of boundary memory access or endless loops (Denial of Service) (boo#1002998, CVE-2016-7945). - Insufficient validation of data in libXi can cause out of boundary memory access or endless loops (Denial of Service) (boo#1002998, CVE-2016-7946). libXrandr: - Insufficient validation of data from the X server can cause out of boundary memory writes (boo#1003000, CVE-2016-7947, CVE-2016-7948). </description> <summary>Security update for X Window System client libraries</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor