import libX11-1.6.8-4.el8
This commit is contained in:
parent
77b3927063
commit
af1ec27069
37
SOURCES/0001-Fix-an-integer-overflow-in-init_om.patch
Normal file
37
SOURCES/0001-Fix-an-integer-overflow-in-init_om.patch
Normal file
@ -0,0 +1,37 @@
|
||||
From 2c67fab8415a1d32395de87f056bc5f3b37fedb0 Mon Sep 17 00:00:00 2001
|
||||
From: Matthieu Herrb <matthieu@herrb.eu>
|
||||
Date: Thu, 13 Aug 2020 18:02:58 +0200
|
||||
Subject: [PATCH] Fix an integer overflow in init_om()
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
CVE-2020-14363
|
||||
|
||||
This can lead to a double free later, as reported by Jayden Rivers.
|
||||
|
||||
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
|
||||
|
||||
(cherry picked from commit acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d)
|
||||
Signed-off-by: Michel Dänzer <mdaenzer@redhat.com>
|
||||
---
|
||||
modules/om/generic/omGeneric.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules/om/generic/omGeneric.c b/modules/om/generic/omGeneric.c
|
||||
index 22f826ec..bcfb9ab8 100644
|
||||
--- a/modules/om/generic/omGeneric.c
|
||||
+++ b/modules/om/generic/omGeneric.c
|
||||
@@ -1908,7 +1908,8 @@ init_om(
|
||||
char **required_list;
|
||||
XOrientation *orientation;
|
||||
char **value, buf[BUFSIZ], *bufptr;
|
||||
- int count = 0, num = 0, length = 0;
|
||||
+ int count = 0, num = 0;
|
||||
+ unsigned int length = 0;
|
||||
|
||||
_XlcGetResource(lcd, "XLC_FONTSET", "on_demand_loading", &value, &count);
|
||||
if (count > 0 && _XlcCompareISOLatin1(*value, "True") == 0)
|
||||
--
|
||||
2.28.0
|
||||
|
@ -5,7 +5,7 @@
|
||||
Summary: Core X11 protocol client library
|
||||
Name: libX11
|
||||
Version: 1.6.8
|
||||
Release: 3%{?gitdate:.%{gitdate}git%{gitversion}}%{?dist}
|
||||
Release: 4%{?gitdate:.%{gitdate}git%{gitversion}}%{?dist}
|
||||
License: MIT
|
||||
Group: System Environment/Libraries
|
||||
URL: http://www.x.org
|
||||
@ -22,6 +22,9 @@ Patch2: dont-forward-keycode-0.patch
|
||||
Patch3: 0001-Fix-XTS-regression-in-XCopyColormapAndFree.patch
|
||||
Patch4: 0001-Fix-poll_for_response-race-condition.patch
|
||||
|
||||
# CVE-2020-14363
|
||||
Patch5: 0001-Fix-an-integer-overflow-in-init_om.patch
|
||||
|
||||
BuildRequires: xorg-x11-util-macros >= 1.11
|
||||
BuildRequires: pkgconfig(xproto) >= 7.0.15
|
||||
BuildRequires: xorg-x11-xtrans-devel >= 1.0.3-4
|
||||
@ -64,6 +67,7 @@ libX11/libxcb interoperability library
|
||||
%patch2 -p1 -b .dont-forward-keycode-0
|
||||
%patch3 -p1 -b .copycolormapandfree
|
||||
%patch4 -p1 -b .race
|
||||
%patch5 -p1 -b .fix-an-integer-overflow-in-init_om
|
||||
|
||||
%build
|
||||
autoreconf -v --install --force
|
||||
@ -128,6 +132,9 @@ make %{?_smp_mflags} check
|
||||
%{_mandir}/man5/*.5*
|
||||
|
||||
%changelog
|
||||
* Tue Nov 3 2020 Michel Dänzer <mdaenzer@redhat.com> - 1.6.8-4
|
||||
- Fix CVE-2020-14363 (#1873923)
|
||||
|
||||
* Mon Feb 24 2020 Adam Jackson <ajax@redhat.com> - 1.6.8-3
|
||||
- Fix race condition in poll_for_reponse
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user