diff options
| author | Sona Sarmadi <sona.sarmadi@enea.com> | 2017-01-30 12:46:22 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-02-08 12:00:21 +0000 |
| commit | eed433faba6f8970287d72215f4be7289019516d (patch) | |
| tree | caebb4a92844b8d55db982fa3ef8a526980ff946 /meta/recipes-graphics/xorg-lib/libx11_1.6.3.bb | |
| parent | 4f991d93f6221e72c3eea6080ec405155b680681 (diff) | |
| download | poky-eed433faba6f8970287d72215f4be7289019516d.tar.gz | |
libX11: CVE-2016-7942
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X
servers to gain privileges via vectors involving image type and geometry,
which triggers out-of-bounds read operations.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7942
Upstream patch
https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17
(From OE-Core rev: 6d4421301a54c26e390fa943805574ced6e18c3a)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-graphics/xorg-lib/libx11_1.6.3.bb')
| -rw-r--r-- | meta/recipes-graphics/xorg-lib/libx11_1.6.3.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-graphics/xorg-lib/libx11_1.6.3.bb b/meta/recipes-graphics/xorg-lib/libx11_1.6.3.bb index 8e531c7456..152ccd9d4a 100644 --- a/meta/recipes-graphics/xorg-lib/libx11_1.6.3.bb +++ b/meta/recipes-graphics/xorg-lib/libx11_1.6.3.bb | |||
| @@ -5,6 +5,7 @@ BBCLASSEXTEND = "native nativesdk" | |||
| 5 | 5 | ||
| 6 | SRC_URI += "file://disable_tests.patch \ | 6 | SRC_URI += "file://disable_tests.patch \ |
| 7 | file://libX11-Add-missing-NULL-check.patch \ | 7 | file://libX11-Add-missing-NULL-check.patch \ |
| 8 | file://CVE-2016-7942.patch \ | ||
| 8 | " | 9 | " |
| 9 | 10 | ||
| 10 | SRC_URI[md5sum] = "2e36b73f8a42143142dda8129f02e4e0" | 11 | SRC_URI[md5sum] = "2e36b73f8a42143142dda8129f02e4e0" |