CVSROOT: /cvs Module name: xenocara Changes by: bl...@cvs.openbsd.org 2022/12/14 05:56:06
Modified files: xserver/Xext : Tag: OPENBSD_7_2 saver.c xtest.c xvmain.c xserver/Xi : Tag: OPENBSD_7_2 xipassivegrab.c xiproperty.c xserver/dix : Tag: OPENBSD_7_2 property.c xserver/xkb : Tag: OPENBSD_7_2 xkbUtils.c Log message: Fix serveral X server input validation errors that can cause varios issues: * CVE-2022-46340/ZDI-CAN-19265: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341/ZDI-CAN-19381: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342/ZDI-CAN-19400: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343/ZDI-CAN-19404: X.Org Server ScreenSaverSetAttributes use-after-free * CVE-2022-46344/ZDI-CAN-19405: X.Org Server XIChangeProperty out-of-bounds access * CVE-2022-46283/ZDI-CAN-19530: X.Org Server XkbGetKbdByName use-after-free from matthieu@ this is errata/7.2/009_xserver.patch.sig