Opened 6 months ago

Closed 6 months ago

#17404 closed enhancement (fixed)


Reported by: Douglas R. Reno Owned by: pierre
Priority: high Milestone: 11.3
Component: BOOK Version: git
Severity: normal Keywords:


New point version

Change History (5)

comment:1 by Douglas R. Reno, 6 months ago

Same six CVEs as fixed in #17403

comment:2 by pierre, 6 months ago

Owner: changed from blfs-book to pierre
Status: newassigned

comment:3 by pierre, 6 months ago

This release fixes 6 recently reported security vulnerabilities in various extensions. The CVE numbers are: CVE-2022-46340, CVE-2022-46341, CVE-2022-46342, CVE-2022-46343, CVE-2022-46344, and CVE-2022-4283

For details on the these issues please see the security advisory here:

Peter Hutterer (8):

  • Xtest: disallow GenericEvents in XTestSwapFakeInput
  • Xi: disallow passive grabs with a detail > 255
  • Xext: free the XvRTVideoNotify when turning off from the same client
  • Xext: free the screen saver resource when replacing it
  • Xi: return an error from XI property changes if verification failed
  • Xi: avoid integer truncation in length check of ProcXIChangeProperty
  • xkb: reset the radio_groups pointer to NULL after freeing it
  • Bump to version 22.1.6

comment:4 by pierre, 6 months ago

SA at commit e0392da in www.git.

comment:5 by pierre, 6 months ago

Resolution: fixed
Status: assignedclosed

Fixed at commit 7dea4470

Note: See TracTickets for help on using tickets.