CVSROOT: /cvs
Module name: xenocara
Changes by: matth...@cvs.openbsd.org 2022/12/14 03:29:00
Modified files:
xserver/Xext : saver.c xtest.c xvmain.c
xserver/Xi : xipassivegrab.c xiproperty.c
xserver/dix : property.c
xserver/xkb : xkbUtils.c
Log message:
Fix serveral X server input validation errors that can cause varios issues:
* CVE-2022-46340/ZDI-CAN-19265: X.Org Server XTestSwapFakeInput stack
overflow
* CVE-2022-46341/ZDI-CAN-19381: X.Org Server XIPassiveUngrab
out-of-bounds access
* CVE-2022-46342/ZDI-CAN-19400: X.Org Server XvdiSelectVideoNotify
use-after-free
* CVE-2022-46343/ZDI-CAN-19404: X.Org Server ScreenSaverSetAttributes
use-after-free
* CVE-2022-46344/ZDI-CAN-19405: X.Org Server XIChangeProperty
out-of-bounds access
* CVE-2022-46283/ZDI-CAN-19530: X.Org Server XkbGetKbdByName use-after-free
