diff options
| author | herrb <herrb@web> | 2016-10-04 14:37:10 +0000 |
|---|---|---|
| committer | xorg <iki-xorg@freedesktop.org> | 2016-10-04 14:37:10 +0000 |
| commit | b895d0585efc92330e0d42d733e2f087f848e656 (patch) | |
| tree | 8b28c35777d5b04d8c9c5002964e8119849af004 /Development | |
| parent | f1460ff2e2b5f9304cc3456943ad8893719b76b1 (diff) | |
Oct. 4 security advisory
Diffstat (limited to 'Development')
| -rw-r--r-- | Development/Security.mdwn | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/Development/Security.mdwn b/Development/Security.mdwn index 7d1d43b8..e1d9032e 100644 --- a/Development/Security.mdwn +++ b/Development/Security.mdwn @@ -10,6 +10,10 @@ See the [[Security Checklist|Development/Security/Checklist]] for the list of th ## X.Org 7.7 +* Oct. 4, 2016 Protocol handling issues in X Window System client libraries + * X client libraries can overflow buffers or corrupt memory in clients if servers send invalid replies. + * Please see [[the advisory|https://lists.x.org/archives/xorg-announce/2016-October/002720.html]] for more information. + * Apr. 14, 2015 - Buffer overflow in `MakeBigReq` macro in libX11 prior to 1.6 * CVE-2013-7439 was assigned to track a buffer overflow fixed in libX11 in 2013 which requires other packages to be recompiled if they use the `MakeBigReq()` or `SetReqLen()` macros from `<X11/XlibInt.h>`. * Please see [[the advisory|http://lists.x.org/archives/xorg-announce/2015-April/002561.html]] for more information. |