[Bug 220584] x11-servers/xorg-server: Security vulnerabilities (CVE-2017-10971, CVE-2017-10972)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed May 23 16:46:19 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220584
--- Comment #6 from commit-hook at freebsd.org ---
A commit references this bug:
Author: zeising
Date: Wed May 23 16:45:37 UTC 2018
New revision: 470709
URL: https://svnweb.freebsd.org/changeset/ports/470709
Log:
MFH: r470454
x11-servers/xorg-server: Backport security fixes
Backport security fixes for CVE-2017-10971 and CVE-2017-10972 (yes, 2017).
For some reason this was not done when the vulnerabilities were documented
in VuXML, and a typo in the version range in VuXML meant that the entries
never matched.
This fixes a memory disclosure and a couple of buffer overruns.
PR: 220584
Reported by: Vladimir Krstulja
Security: ab881a74-c016-4e6d-9f7d-68c8e7cedafb
Approved by: ports-secteam (riggs)
Changes:
_U branches/2018Q2/
branches/2018Q2/x11-servers/xorg-server/Makefile
branches/2018Q2/x11-servers/xorg-server/files/patch-CVE-2017-10971
branches/2018Q2/x11-servers/xorg-server/files/patch-CVE-2017-10972
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-x11
mailing list