CVS: cvs.openbsd.org: xenocara

Alexander Bluhm Wed, 14 Dec 2022 04:56:27 -0800

CVSROOT:        /cvs
Module name:    xenocara
Changes by:     bl...@cvs.openbsd.org   2022/12/14 05:56:06


Modified files:
        xserver/Xext   : Tag: OPENBSD_7_2 saver.c xtest.c xvmain.c 
        xserver/Xi     : Tag: OPENBSD_7_2 xipassivegrab.c xiproperty.c 
        xserver/dix    : Tag: OPENBSD_7_2 property.c 
        xserver/xkb    : Tag: OPENBSD_7_2 xkbUtils.c 

Log message:
Fix serveral X server input validation errors that can cause varios issues:

* CVE-2022-46340/ZDI-CAN-19265: X.Org Server XTestSwapFakeInput stack
overflow
* CVE-2022-46341/ZDI-CAN-19381: X.Org Server XIPassiveUngrab
out-of-bounds access
* CVE-2022-46342/ZDI-CAN-19400: X.Org Server XvdiSelectVideoNotify
use-after-free
* CVE-2022-46343/ZDI-CAN-19404: X.Org Server ScreenSaverSetAttributes
use-after-free
* CVE-2022-46344/ZDI-CAN-19405: X.Org Server XIChangeProperty
out-of-bounds access
* CVE-2022-46283/ZDI-CAN-19530: X.Org Server XkbGetKbdByName use-after-free

from matthieu@

this is errata/7.2/009_xserver.patch.sig

CVS: cvs.openbsd.org: xenocara

Reply via email to