summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2020-08-02 20:47:14 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2020-08-02 20:47:14 +0200
commit859ebed168bf965efdcfd6d4256da2e24a4e9e04 (patch)
tree3afd7e52c1aef47c2d4288be67267c1488156270
parentcdb8a2c7102c7e107dc22f42d98c298a926f4855 (diff)
Reference regression fix for CVE-2020-14344/libx11
-rw-r--r--data/CVE/list2
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 73bf3c9..5e2572b 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4675,6 +4675,8 @@ CVE-2020-14344 [Heap corruption in the X input method client in libX11]
NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/2fcfcc49f3b1be854bb9085993a01d17c62acf60
NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/1a566c9e00e5f35c1f9e7f3d741a02e5170852b2
NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/1703b9f3435079d3c6021e1ee2ec34fd4978103d
+ NOTE: Original patchset introduces regression: https://bugs.debian.org/966691
+ NOTE: Follow-up for regression: https://gitlab.freedesktop.org/xorg/lib/libx11/-/issues/116
CVE-2020-14343 [.load() and FullLoader still vulnerable to fairly trivial RCE]
RESERVED
- pyyaml <unfixed> (bug #966233)

© 2014-2020 Faster IT GmbH | imprint | privacy policy