Package "libx11"
Name: |
libx11
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- X11 client-side library
- X11 client-side library (debug package)
- X11 client-side library
- X11 client-side library (development headers)
|
Latest version: |
2:1.4.99.1-0ubuntu2.5 |
Release: |
precise (12.04) |
Level: |
updates |
Repository: |
main |
Links
Other versions of "libx11" in Precise
Packages in group
Deleted packages are displayed in grey.
Changelog
libx11 (2:1.4.99.1-0ubuntu2.5) precise-security; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: integer overflow and heap overflow in XIM client
- debian/patches/CVE-2020-14344-1.patch: fix signed length values in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-2.patch: fix integer overflows in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-3.patch: fix more unchecked lengths in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-4.patch: zero out buffers in functions
in modules/im/ximcp/imDefIc.c, modules/im/ximcp/imDefIm.c.
- debian/patches/CVE-2020-14344-5.patch: change the data_len parameter
to CARD16 in modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-6.patch: fix size calculation in
modules/im/ximcp/imRmAttr.c.
- debian/patches/CVE-2020-14344-7.patch: fix input clients connecting
to server in modules/im/ximcp/imRmAttr.c.
- CVE-2020-14344
* SECURITY UPDATE: integer overflow and double free in locale handling
- debian/patches/CVE-2020-14363.patch: fix an integer overflow in
modules/om/generic/omGeneric.c.
- CVE-2020-14363
-- <email address hidden> (Leonidas S. Barbosa) Wed, 02 Sep 2020 13:42:13 -0300
|
Source diff to previous version |
CVE-2020-14344 |
An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. A |
CVE-2020-14363 |
Double free in libX11 locale handling code |
|
libx11 (2:1.4.99.1-0ubuntu2.3) precise-security; urgency=medium
* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
- debian/patches/makebigreq_overflow.patch: don't move the last word in
MakeBigReq in include/X11/Xlibint.h.
- CVE number pending
-- Marc Deslauriers <email address hidden> Wed, 08 Apr 2015 08:01:09 -0400
|
Source diff to previous version |
libx11 (2:1.4.99.1-0ubuntu2.2) precise; urgency=low
* Rebuild against SRUed x11-proto-core (LP: #408903)
-- Iain Lane <email address hidden> Mon, 22 Jul 2013 11:09:59 +0100
|
Source diff to previous version |
libx11 (2:1.4.99.1-0ubuntu2.1) precise-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
incorrect memory size calculations
- debian/patches/CVE-2013-1981.patch: fix multiple integer overflows.
- CVE-2013-1981
* SECURITY UPDATE: denial of service and possible code execution via
incorrect length and bounds checking
- debian/patches/CVE-2013-1997.patch: properly calculate lengths.
- CVE-2013-1997
* SECURITY UPDATE: denial of service and possible code execution via
stack overflow from recursive #include
- debian/patches/CVE-2013-2004.patch: set limit on depth.
- CVE-2013-2004
* debian/patches/001_hide_xeatdatawords.diff: Hide _XEatDataWords by
default.
-- Marc Deslauriers <email address hidden> Wed, 29 May 2013 16:20:21 -0400
|
About
-
Send Feedback to @ubuntu_updates