Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2020Q2]: pkgsrc/x11/libX11 Pullup ticket #6290 - requested by ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/b9bc63a2d811
branches: pkgsrc-2020Q2
changeset: 436373:b9bc63a2d811
user: bsiegert <bsiegert%pkgsrc.org@localhost>
date: Sat Aug 01 06:47:52 2020 +0000
description:
Pullup ticket #6290 - requested by maya
x11/libX11: security fix
Revisions pulled up:
- x11/libX11/Makefile 1.52
- x11/libX11/distinfo 1.31
---
Module Name: pkgsrc
Committed By: maya
Date: Fri Jul 31 16:36:55 UTC 2020
Modified Files:
pkgsrc/x11/libX11: Makefile distinfo
Log Message:
libX11: update to 1.6.10
Heap corruption in the X input method client in libX11
======================================================
CVE-2020-14344
The X Input Method (XIM) client implementation in libX11 has some
integer overflows and signed/unsigned comparison issues that can lead
to heap corruption when handling malformed messages from an input
method.
Patches
=======
Patches for these issues have been commited to the libX11 git repository.
libX11 1.6.10 will be released shortly and will include those patches.
https://gitlab.freedesktop.org/xorg/lib/libx11
commit 1703b9f3435079d3c6021e1ee2ec34fd4978103d (HEAD -> master)
Change the data_len parameter of _XimAttributeToValue() to CARD16
It's coming from a length in the protocol (unsigned) and passed
to functions that expect unsigned int parameters (_XCopyToArg()
and memcpy()).
commit 1a566c9e00e5f35c1f9e7f3d741a02e5170852b2
Zero out buffers in functions
It looks like uninitialized stack or heap memory can leak
out via padding bytes.
commit 2fcfcc49f3b1be854bb9085993a01d17c62acf60
Fix more unchecked lengths
commit 388b303c62aa35a245f1704211a023440ad2c488
fix integer overflows in _XimAttributeToValue()
commit 0e6561efcfaa0ae7b5c74eac7e064b76d687544e
Fix signed length values in _XimGetAttributeID()
The lengths are unsigned according to the specification. Passing
negative values can lead to data corruption.
Thanks
======
X.Org thanks Todd Carson for reporting these issues to our security
team and assisting them in understanding them and providing fixes.
diffstat:
x11/libX11/Makefile | 4 ++--
x11/libX11/distinfo | 10 +++++-----
2 files changed, 7 insertions(+), 7 deletions(-)
diffs (30 lines):
diff -r fc2d5a058010 -r b9bc63a2d811 x11/libX11/Makefile
--- a/x11/libX11/Makefile Thu Jul 30 18:50:01 2020 +0000
+++ b/x11/libX11/Makefile Sat Aug 01 06:47:52 2020 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.51 2020/01/18 23:35:50 rillig Exp $
+# $NetBSD: Makefile,v 1.51.4.1 2020/08/01 06:47:52 bsiegert Exp $
-DISTNAME= libX11-1.6.9
+DISTNAME= libX11-1.6.10
CATEGORIES= x11 devel
MASTER_SITES= ${MASTER_SITE_XORG:=lib/}
EXTRACT_SUFX= .tar.bz2
diff -r fc2d5a058010 -r b9bc63a2d811 x11/libX11/distinfo
--- a/x11/libX11/distinfo Thu Jul 30 18:50:01 2020 +0000
+++ b/x11/libX11/distinfo Sat Aug 01 06:47:52 2020 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.30 2019/11/13 21:59:51 wiz Exp $
+$NetBSD: distinfo,v 1.30.6.1 2020/08/01 06:47:52 bsiegert Exp $
-SHA1 (libX11-1.6.9.tar.bz2) = 62456536411f2540fbd4a3f59ed8af94967124c2
-RMD160 (libX11-1.6.9.tar.bz2) = 5575e5b54557979aa48c938a765830a3fabfceca
-SHA512 (libX11-1.6.9.tar.bz2) = fc18f0dc17ade1fc37402179f52e1f2b9c7b7d3a1a9590fea13046eb0c5193b4796289431cd99388eac01e8e59de77db45d2c9675d4f05ef8cf3ba6382c3dd31
-Size (libX11-1.6.9.tar.bz2) = 2283814 bytes
+SHA1 (libX11-1.6.10.tar.bz2) = e28f6bc0a33ca512b1aeb973a1dd8b3a3c48cd9f
+RMD160 (libX11-1.6.10.tar.bz2) = 3d7ecf53bf8d87347857a0a810ce772f97c4b352
+SHA512 (libX11-1.6.10.tar.bz2) = ad384d8896fbe587f7fd99b0d3cc56fac6e2facbab52fa99174200d06b19dd163a483c998acf3834b3a4a3aa4de0dbbe13919a1c80e6797afe467c7075b403ff
+Size (libX11-1.6.10.tar.bz2) = 2294095 bytes
SHA1 (patch-Makefile.in) = 93d3b8d9882babf70788e984884a9db46a5367ef
SHA1 (patch-aa) = 4f502264e7200fd2f9409d8684c53de3bc6f0649
SHA1 (patch-ac) = 565aa2a636b5c50f67cbd11e7c2adcac8d55418e
Home |
Main Index |
Thread Index |
Old Index