CVSROOT: /cvs
Module name: xenocara
Changes by: [email protected] 2020/12/01 08:37:43
Modified files:
xserver/xkb : Tag: OPENBSD_6_7 xkb.c
Log message:
Fix XkbSetDeviceInfo() and SetDeviceIndicators() heap overflows
ZDI-CAN 11389 / CVE-2020-25712
Fix from Jan-Niklas Sohn working with Trend Micro.
Check SetMap request length carefully.
Avoid out of bounds memory accesses on too short requests.
ZDI-CAN 11572 / CVE-2020-14360
Reported by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
from matthieu@
this is errata/6.7/030_xmaplen.patch.sig
