[3.3] libxrandr: Integer overflows and various data mishandlings (CVE-2016-7947, CVE-2016-7948)
CVE-2016-7947: Insufficient validation of server responses results in integer overflows
CVE-2016-7948: Insufficient validation of server responses results in various data mishandlings
Affected versions:
libXrandr <= 1.5.0
Fixed In Version:
libXrandr 1.5.1
Reference:
https://lists.x.org/archives/xorg-announce/2016-October/002720.html
(from redmine: issue id 6297, created on 2016-10-06, closed on 2016-10-25)
- Relations:
- parent #6294 (closed)
- Changesets:
- Revision 6645bbd2 on 2016-10-19T13:08:47Z:
main/libxrandr: security fixes (CVE-2016-7947, CVE-2016-7948)
Fixes #6297