Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[xsrc/netbsd-10]: xsrc/external/mit/xorg-server.old/dist/Xi Pull up following...
details: https://anonhg.NetBSD.org/xsrc/rev/9c276cc348c5
branches: netbsd-10
changeset: 7421:9c276cc348c5
user: martin <martin%NetBSD.org@localhost>
date: Wed Feb 08 17:13:59 2023 +0000
description:
Pull up following revision(s) (requested by mrg in ticket #73):
external/mit/xorg-server.old/dist/Xi/exevents.c: revision 1.2
pullover fix from xorg-server 21.1.7:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec
Xi: fix potential use-after-free in DeepCopyPointerClasses
CVE-2023-0494, ZDI-CAN-19596
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer's avatarPeter Hutterer <peter.hutterer%who-t.net@localhost>
diffstat:
external/mit/xorg-server.old/dist/Xi/exevents.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diffs (15 lines):
diff -r 239f61746010 -r 9c276cc348c5 external/mit/xorg-server.old/dist/Xi/exevents.c
--- a/external/mit/xorg-server.old/dist/Xi/exevents.c Wed Feb 08 17:09:26 2023 +0000
+++ b/external/mit/xorg-server.old/dist/Xi/exevents.c Wed Feb 08 17:13:59 2023 +0000
@@ -586,8 +586,10 @@
}
memcpy(to->button->xkb_acts, from->button->xkb_acts,
sizeof(XkbAction));
- } else
+ } else {
free(to->button->xkb_acts);
+ to->button->xkb_acts = NULL;
+ }
memcpy(to->button->labels, from->button->labels,
from->button->numButtons * sizeof(Atom));
Home |
Main Index |
Thread Index |
Old Index