[3.1] libxvmc: Insufficient validation of server responses results in buffer underflow (CVE-2016-7953)

insufficient validation of data from the X server can cause a one byte buffer read underrun.

Affected versions:

libxvmc <= 1.0.9

Fixed In Version:

libxvmc 1.0.10

Reference:

https://lists.x.org/archives/xorg-announce/2016-October/002720.html

Patch:

https://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb

(from redmine: issue id 6275, created on 2016-10-06, closed on 2016-10-25)

• Relations:
  • parent #6270 (closed)
• Changesets:
  • Revision 14039a71 on 2016-10-19T09:53:55Z:

main/libxvmc: security fix (CVE-2016-7953). Fixes #6275

(cherry picked from commit 64829de6223eea876af4dfff594135fb79b114ae)