[Buildroot] [PATCH] package/x11r7/xserver_xorg-server: add upstream security fixes for CVE-2020-14360 / 25712
Peter Korsgaard
peter at korsgaard.com
Fri Dec 11 23:19:03 UTC 2020
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issues:
> * CVE-2020-14360 / ZDI CAN 11572 XkbSetMap Out-Of-Bounds Access
> Insufficient checks on the lengths of the XkbSetMap request can lead to
> out of bounds memory accesses in the X server.
> * CVE-2020-25712 / ZDI-CAN-11839 XkbSetDeviceInfo Heap-based Buffer Overflow
> Insufficient checks on input of the XkbSetDeviceInfo request can lead to a
> buffer overflow on the head in the X server.
> For more details, see the advisory:
> https://www.openwall.com/lists/oss-security/2020/12/01/3
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2020.02.x and 2020.08.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list