New branch 'debian-wheezy' available with the following commits:
commit 0a024e79b44f0c2800a33a5bed3e27b5a21b47c9
Author: Julien Cristau <[email protected]>
Date: Tue May 14 16:49:22 2013 +0200
Upload to wheezy-security
commit 0e1cc86e8fc9f56ac97a60ed22270b230207a1cf
Author: Alan Coopersmith <[email protected]>
Date: Fri Mar 8 19:55:55 2013 -0800
integer overflow in XineramaQueryScreens() [CVE-2013-1985]
If the reported number of screens is too large, the calculations to
allocate memory for them may overflow, leaving us writing beyond the
bounds of the allocation.
Reported-by: Ilja Van Sprundel <[email protected]>
Signed-off-by: Alan Coopersmith <[email protected]>
Signed-off-by: Julien Cristau <[email protected]>
commit 8c1bc19660e55761b2418d0d12e63eec5e423932
Author: Alan Coopersmith <[email protected]>
Date: Sat May 4 09:21:14 2013 -0700
Use _XEatDataWords to avoid overflow of _XEatData calculations
rep.length is a CARD32, so rep.length << 2 could overflow in 32-bit builds
Signed-off-by: Alan Coopersmith <[email protected]>
Signed-off-by: Julien Cristau <[email protected]>
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: http://lists.debian.org/[email protected]
