rpms/libX11
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import libX11-1.6.8-4.el8

Browse Source
This commit is contained in:
CentOS Sources 2021-05-18 02:43:20 -04:00 committed by Andrew Lukoshko
parent 0183be7250
commit 5f073b2c89
2 changed files with 45 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
SOURCES/0001-Fix-an-integer-overflow-in-init_om.patch Normal file
View File

@ -0,0 +1,37 @@
From 2c67fab8415a1d32395de87f056bc5f3b37fedb0 Mon Sep 17 00:00:00 2001
From: Matthieu Herrb <matthieu@herrb.eu>
Date: Thu, 13 Aug 2020 18:02:58 +0200
Subject: [PATCH] Fix an integer overflow in init_om()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
CVE-2020-14363
This can lead to a double free later, as reported by Jayden Rivers.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
(cherry picked from commit acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d)
Signed-off-by: Michel Dänzer <mdaenzer@redhat.com>
---
modules/om/generic/omGeneric.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/modules/om/generic/omGeneric.c b/modules/om/generic/omGeneric.c
index 22f826ec..bcfb9ab8 100644
--- a/modules/om/generic/omGeneric.c
+++ b/modules/om/generic/omGeneric.c
@@ -1908,7 +1908,8 @@ init_om(
char **required_list;
XOrientation *orientation;
char **value, buf[BUFSIZ], *bufptr;
- int count = 0, num = 0, length = 0;
+ int count = 0, num = 0;
+ unsigned int length = 0;
_XlcGetResource(lcd, "XLC_FONTSET", "on_demand_loading", &value, &count);
if (count > 0 && _XlcCompareISOLatin1(*value, "True") == 0)
--
2.28.0

9
SPECS/libX11.spec
View File

@ -5,7 +5,7 @@
Summary: Core X11 protocol client library Summary: Core X11 protocol client library
Name: libX11 Name: libX11
Version: 1.6.8 Version: 1.6.8
Release: 3%{?gitdate:.%{gitdate}git%{gitversion}}%{?dist} Release: 4%{?gitdate:.%{gitdate}git%{gitversion}}%{?dist}
License: MIT License: MIT
Group: System Environment/Libraries Group: System Environment/Libraries
URL: http://www.x.org URL: http://www.x.org
@ -22,6 +22,9 @@ Patch2: dont-forward-keycode-0.patch
Patch3: 0001-Fix-XTS-regression-in-XCopyColormapAndFree.patch Patch3: 0001-Fix-XTS-regression-in-XCopyColormapAndFree.patch
Patch4: 0001-Fix-poll_for_response-race-condition.patch Patch4: 0001-Fix-poll_for_response-race-condition.patch
# CVE-2020-14363
Patch5: 0001-Fix-an-integer-overflow-in-init_om.patch
BuildRequires: xorg-x11-util-macros >= 1.11 BuildRequires: xorg-x11-util-macros >= 1.11
BuildRequires: pkgconfig(xproto) >= 7.0.15 BuildRequires: pkgconfig(xproto) >= 7.0.15
BuildRequires: xorg-x11-xtrans-devel >= 1.0.3-4 BuildRequires: xorg-x11-xtrans-devel >= 1.0.3-4
@ -64,6 +67,7 @@ libX11/libxcb interoperability library
%patch2 -p1 -b .dont-forward-keycode-0 %patch2 -p1 -b .dont-forward-keycode-0
%patch3 -p1 -b .copycolormapandfree %patch3 -p1 -b .copycolormapandfree
%patch4 -p1 -b .race %patch4 -p1 -b .race
%patch5 -p1 -b .fix-an-integer-overflow-in-init_om
%build %build
autoreconf -v --install --force autoreconf -v --install --force
@ -128,6 +132,9 @@ make %{?_smp_mflags} check
%{_mandir}/man5/*.5* %{_mandir}/man5/*.5*
%changelog %changelog
* Tue Nov 3 2020 Michel Dänzer <mdaenzer@redhat.com> - 1.6.8-4
- Fix CVE-2020-14363 (#1873923)
* Mon Feb 24 2020 Adam Jackson <ajax@redhat.com> - 1.6.8-3 * Mon Feb 24 2020 Adam Jackson <ajax@redhat.com> - 1.6.8-3
- Fix race condition in poll_for_reponse - Fix race condition in poll_for_reponse