diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2020-08-02 20:47:14 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-08-02 20:47:14 +0200 |
| commit | 859ebed168bf965efdcfd6d4256da2e24a4e9e04 (patch) | |
| tree | 3afd7e52c1aef47c2d4288be67267c1488156270 | |
| parent | cdb8a2c7102c7e107dc22f42d98c298a926f4855 (diff) | |
Reference regression fix for CVE-2020-14344/libx11
| -rw-r--r-- | data/CVE/list | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index 73bf3c94a4..5e2572b5eb 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -4675,6 +4675,8 @@ CVE-2020-14344 [Heap corruption in the X input method client in libX11] NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/2fcfcc49f3b1be854bb9085993a01d17c62acf60 NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/1a566c9e00e5f35c1f9e7f3d741a02e5170852b2 NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/1703b9f3435079d3c6021e1ee2ec34fd4978103d + NOTE: Original patchset introduces regression: https://bugs.debian.org/966691 + NOTE: Follow-up for regression: https://gitlab.freedesktop.org/xorg/lib/libx11/-/issues/116 CVE-2020-14343 [.load() and FullLoader still vulnerable to fairly trivial RCE] RESERVED - pyyaml <unfixed> (bug #966233) |