[3.5] libxtst: Out of boundary access and endless loop (CVE-2016-7951, CVE-2016-7952)
CVE-2016-7951: Insufficient validation of server responses result in Integer overflows
CVE-2016-7952: Insufficient validation of server responses result in various data mishandlings
Fixed In Version:
libXtst 1.2.3
Reference:
https://lists.x.org/archives/xorg-announce/2016-October/002720.html
Patch:
https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3
(from redmine: issue id 6283, created on 2016-10-06, closed on 2016-10-25)
- Relations:
- parent #6282 (closed)