CVSROOT: /cvs Module name: xenocara Changes by: matth...@cvs.openbsd.org 2016/10/04 09:05:13
Modified files:
lib/libXrender/src: Xrender.c
Log message:
Validate lengths while parsing server data.
Individual lengths inside received server data can overflow
the previously reserved memory.
It is therefore important to validate every single length
field to not overflow the previously agreed sum of all invidual
length fields.
>From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016
