]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: b516394) | patch
xserver-xorg: Fix CVE-2017-10971
authorJackie Huang <jackie.huang@windriver.com>
Thu, 17 Aug 2017 07:39:13 +0000 (15:39 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 18 Aug 2017 11:35:57 +0000 (12:35 +0100)
commit20428f660f2c046c63bbf63c4e4af95dac9f2b3d
tree2a201effebb4dc5eaf9662632eebf5db5ed13d8btree | snapshot
parentb516394f9e7858062aa7b042aa4a1bdef9d3a941commit | diff
xserver-xorg: Fix CVE-2017-10971

Backport 3 patches to fix CVE-2017-10971:

In the X.Org X server before 2017-06-19, a user authenticated to an X
Session could crash or execute code in the context of the X Server by
exploiting a stack overflow in the endianness conversion of X Events.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-10971

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2017-10971-1.patch [new file with mode: 0644] blob
meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2017-10971-2.patch [new file with mode: 0644] blob
meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2017-10971-3.patch [new file with mode: 0644] blob
meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb diff | blob | history
Mirror of the official openembedded-core repository