libx11: Fix CVE-2021-31535 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Jasper Orschulko <jasper@fancydomain.eu>	2021-06-22 16:54:16 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-07-02 07:44:59 +0100
commit	0d546f90e50f5be6f960d4d8eeaf5dd8c71baedd (patch)
tree	8cb83bb45f25bb6474af146d622087957a820947 /meta/lib
parent	fbb58d5344a17600264529016e75bbe92480b44f (diff)
download	poky-0d546f90e50f5be6f960d4d8eeaf5dd8c71baedd.tar.gz

libx11: Fix CVE-2021-31535

https://lists.x.org/archives/xorg-announce/2021-May/003088.html XLookupColor() and other X libraries function lack proper validation of the length of their string parameters. If those parameters can be controlled by an external application (for instance a color name that can be emitted via a terminal control sequence) it can lead to the emission of extra X protocol requests to the X server. (From OE-Core rev: 81d338c6079729b35f55f8889526f0c9a62802fe) Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/lib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: