Overview
Request 940574 superseded
- U_xfixes-Fix-out-of-bounds-access-in-ProcXFixesCreateP.patch
* CVE-2021-4009/ZDI-CAN-14950 (bsc#1190487)
The handler for the CreatePointerBarrier request of the XFixes
extension does not properly validate the request length leading
to out of bounds memory write.
- U_Xext-Fix-out-of-bounds-access-in-SProcScreenSaverSus.patch
* CVE-2021-4010/ZDI-CAN-14951 (bsc#1190488)
The handler for the Suspend request of the Screen Saver extension
does not properly validate the request length leading to out of
bounds memory write.
- U_record-Fix-out-of-bounds-access-in-SwapCreateRegiste.patch
* CVE-2021-4011/ZDI-CAN-14952 (bsc#1190489)
The handlers for the RecordCreateContext and RecordRegisterClients
requests of the Record extension do not properly validate the request
length leading to out of bounds memory write.
- U_rendercompositeglyphs.patch
* X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access
Privilege Escalation Vulnerability [CVE-2021-4008, ZDI-CAN-14192]
(boo#1193030)
- Created by sndirsch
- In state superseded
- Supersedes 940510
- Superseded by 940758
- Open review for openSUSE:Factory:Staging:E
Request History
sndirsch created request
- U_xfixes-Fix-out-of-bounds-access-in-ProcXFixesCreateP.patch
* CVE-2021-4009/ZDI-CAN-14950 (bsc#1190487)
The handler for the CreatePointerBarrier request of the XFixes
extension does not properly validate the request length leading
to out of bounds memory write.
- U_Xext-Fix-out-of-bounds-access-in-SProcScreenSaverSus.patch
* CVE-2021-4010/ZDI-CAN-14951 (bsc#1190488)
The handler for the Suspend request of the Screen Saver extension
does not properly validate the request length leading to out of
bounds memory write.
- U_record-Fix-out-of-bounds-access-in-SwapCreateRegiste.patch
* CVE-2021-4011/ZDI-CAN-14952 (bsc#1190489)
The handlers for the RecordCreateContext and RecordRegisterClients
requests of the Record extension do not properly validate the request
length leading to out of bounds memory write.
- U_rendercompositeglyphs.patch
* X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access
Privilege Escalation Vulnerability [CVE-2021-4008, ZDI-CAN-14192]
(boo#1193030)
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
dimstar_suse set openSUSE:Factory:Staging:E as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:E"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:E"
dimstar accepted review
superseded by 940758