[Bug 220584] x11-servers/xorg-server: Security vulnerabilities (CVE-2017-10971, CVE-2017-10972)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun May 20 13:19:19 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220584
--- Comment #4 from commit-hook at freebsd.org ---
A commit references this bug:
Author: zeising
Date: Sun May 20 13:18:48 UTC 2018
New revision: 470454
URL: https://svnweb.freebsd.org/changeset/ports/470454
Log:
x11-servers/xorg-server: Backport security fixes
Backport security fixes for CVE-2017-10971 and CVE-2017-10972 (yes, 2017).
For some reason this was not done when the vulnerabilities were documented
in VuXML, and a typo in the version range in VuXML meant that the entries
never matched.
This fixes a memory disclosure and a couple of buffer overruns.
PR: 220584
Reported by: Vladimir Krstulja
MFH: 2018Q2
Security: ab881a74-c016-4e6d-9f7d-68c8e7cedafb
Changes:
head/x11-servers/xorg-server/Makefile
head/x11-servers/xorg-server/files/patch-CVE-2017-10971
head/x11-servers/xorg-server/files/patch-CVE-2017-10972
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-x11
mailing list