Package: libx11-6 Version: 2:1.0.3-2 Severity: important Tags: security
A vulnerability has been found in libx11: The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor. See https://bugs.freedesktop.org/show_bug.cgi?id=8699 Please mention the CVE id in the changelog. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
