oss-sec mailing list archives
CVE Request: xorg-server and pixman
From: Jamie Strandboge <jamie () canonical com>
Date: Tue, 03 Dec 2013 11:54:42 -0600
Hi, This bug has been public since August but I could find a CVE for it: https://launchpad.net/bugs/1197921 There are two bugs - Xorg can be made to crash and pixman can trigger the aformentioned Xorg crash. A simplified reproducer is in the pixman patches with another reproducer in the Launchpad bug. The xorg xorg-server - exa: only draw valid trapezoids The patch was submitted in October but doesn't seem to be applied yet, so I'm CC'ing xorg_security. Patch references the pixman f.d.o bug, but doesn't seem to have an associated xorg bug. http://patchwork.freedesktop.org/patch/14769/ http://lists.x.org/archives/xorg-devel/2013-October/037996.html Pixman - Corrupted CustomShape crashes Xorg https://bugs.freedesktop.org/show_bug.cgi?id=67484 Patch: - 5e14da97f16e421d084a9e735be21b1025150f0c (fix) - 2f876cf86718d3dd9b3b04ae9552530edafe58a1 (test case) Thanks! -- Jamie Strandboge http://www.ubuntu.com/
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- CVE Request: xorg-server and pixman Jamie Strandboge (Dec 03)
- Re: CVE Request: xorg-server and pixman Kurt Seifried (Dec 03)
- Re: CVE Request: xorg-server and pixman Murray McAllister (Dec 03)
- Re: CVE Request: xorg-server and pixman Jamie Strandboge (Dec 04)
- Re: CVE Request: xorg-server and pixman Kurt Seifried (Dec 04)
- Re: CVE Request: xorg-server and pixman Murray McAllister (Dec 03)
- Re: CVE Request: xorg-server and pixman Kurt Seifried (Dec 03)