[3.3] libx11: Insufficient validation of server responses in XGetImage() and FontNames (CVE-2016-7942, CVE-2016-7943)
CVE-2016-7942: Insufficient validation of server responses in XGetImage()
CVE-2016-7943: Insufficient validation of server responses in FontNames
Fixed In Version:
libX11 1.6.4
Affected versions:
libX11 <= 1.6.3
References:
https://lists.x.org/archives/xorg-announce/2016-October/002720.html
http://seclists.org/oss-sec/2016/q4/17
(from redmine: issue id 6315, created on 2016-10-07, closed on 2016-10-25)
- Relations:
- parent #6312 (closed)
- Changesets:
- Revision 405345d3 on 2016-10-20T14:30:39Z:
main/libx11: security fixes (CVE-2016-7942, CVE-2016-7943)
Fixes #6315