Security fixes for Oct. 3 advisory (!234) · Merge requests · xorg / lib / libX11 · GitLab

Due to an influx of spam, we have had to impose restrictions on new accounts. Please see this wiki page for instructions on how to get full permissions. Sorry for the inconvenience.

Alan Coopersmith requested to merge alanc/libx11:sec-fixes into master Oct 03, 2023

Alan Coopersmith (4):

CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms()
CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage()
XPutImage: clip images to maximum height & width allowed by protocol
XCreatePixmap: trigger BadValue error for out-of-range dimensions

Yair Mizrahi (1):

CVE-2023-43787: Integer overflow in XCreateImage() leading to a heap overflow