Opened 4 years ago
Closed 4 years ago
#13967 closed enhancement (fixed)
libX11-1.6.12 (CVE-2020-14363)
Reported by: | Douglas R. Reno | Owned by: | Douglas R. Reno |
---|---|---|---|
Priority: | high | Milestone: | 10.1 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description
A new security release of libX11 has been published. This seems to be due to bugs in the locale handling code that can cause a double-free after an integer overflow.
Double free in libX11 locale handling code ========================================== CVE-2020-14363 There is an integer overflow and a double free vulnerability in the way LibX11 handles locales. The integer overflow is a necessary precursor to the double free. Patches ------- A Patch for this issue has been committed to the libX11 git repository. libX11 1.6.12 will be released shortly and will include this patch. https://gitlab.freedesktop.org/xorg/lib/libx11 commit acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d (HEAD -> master) Fix an integer overflow in init_om() CVE-2020-14363 This can lead to a double free later, as reported by Jayden Rivers. Thanks ------ X.Org thanks Jayden Rivers for reporting this issue to our security team and assisting them in understanding them and providing fixes. -- Matthieu Herrb
The release notes:
Christopher Chavez (1): Fix typo GCCLipYOrigin -> GCClipYOrigin in XCreateGC() manpage Felix Yan (1): Correct a typo in GetStCmap.c Matthieu Herrb (2): Fix an integer overflow in init_om() libX11 1.6.12 Maya Rashish (1): Avoid the use of "register" keyword in XkbTranslateKeySym. Niclas Zeising (1): Fix input clients connecting to server git tag: libX11-1.6.12
Change History (2)
comment:1 by , 4 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:2 by , 4 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed at r32667