libx11 (2:1.6.3-1ubuntu2.2) xenial-security; urgency=medium
* SECURITY UPDATE: integer overflow and heap overflow in XIM client
- debian/patches/CVE-2020-14344-1.patch: fix signed length values in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-2.patch: fix integer overflows in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-3.patch: fix more unchecked lengths in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-4.patch: zero out buffers in functions
in modules/im/ximcp/imDefIc.c, modules/im/ximcp/imDefIm.c.
- debian/patches/CVE-2020-14344-5.patch: change the data_len parameter
to CARD16 in modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-6.patch: fix size calculation in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-7.patch: fix input clients connecting
to server in modules/im/ximcp/imRmAttr.c.
- CVE-2020-14344
* SECURITY UPDATE: integer overflow and double free in locale handling
- debian/patches/CVE-2020-14363.patch: fix an integer overflow in
modules/om/generic/omGeneric.c.
- CVE-2020-14363
Date: 2020-08-31 17:17:17.895206+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/libx11/2:1.6.3-1ubuntu2.2
Sorry, changesfile not available.
--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes