libdmx is the Xlib-based DMX (Distributed Multihead X) extension library. This bugfix release consists solely of the fixes for the overflows recently reported under CVE-2013-1992.
Alan Coopersmith (5):
Use _XEatDataWords to avoid overflow of rep.length bit shifting
integer overflow in DMXGetScreenAttributes() [CVE-2013-1992 1/3]
integer overflow in DMXGetWindowAttributes() [CVE-2013-1992 2/3]
integer overflow in DMXGetInputAttributes() [CVE-2013-1992 3/3]
libdmx 1.1.3
git tag: libdmx-1.1.3
http://xorg.freedesktop.org/archive/individual/lib/libdmx-1.1.3.tar.bz2
MD5: ba983eba5a9f05d152a0725b8e863151
SHA1: 0eeac14a06cffb04a1c78793563f233a8f8b79be
SHA256: c97da36d2e56a2d7b6e4f896241785acc95e97eb9557465fd66ba2a155a7b201
http://xorg.freedesktop.org/archive/individual/lib/libdmx-1.1.3.tar.gz
MD5: eed755e7cdb161e05f70e955f2b0ef4d
SHA1: 07497612b658dd2b247f87fb4248bf180e82d563
SHA256: c4b24d7e13e5a67ead7a18f0b4cc9b7b5363c9d04cd01b83b5122ff92b3b4996
--
-Alan Coopersmith- [email protected]
Oracle Solaris Engineering - http://blogs.oracle.com/alanc
pgp1T_Km8Dt68.pgp
Description: PGP signature
_______________________________________________ [email protected]: X.Org support Archives: http://lists.freedesktop.org/archives/xorg Info: http://lists.x.org/mailman/listinfo/xorg Your subscription address: [email protected]
