summaryrefslogtreecommitdiffstats
path: root/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb
diff options
context:
space:
mode:
authorJackie Huang <jackie.huang@windriver.com>2017-08-17 15:39:13 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2017-08-18 12:35:57 +0100
commit20428f660f2c046c63bbf63c4e4af95dac9f2b3d (patch)
tree2a201effebb4dc5eaf9662632eebf5db5ed13d8b /meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb
parentb516394f9e7858062aa7b042aa4a1bdef9d3a941 (diff)
downloadopenembedded-core-20428f660f2c046c63bbf63c4e4af95dac9f2b3d.tar.gz
xserver-xorg: Fix CVE-2017-10971
Backport 3 patches to fix CVE-2017-10971: In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events. Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-10971 Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb')
-rw-r--r--meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb3
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb
index 606367d1e9..65ef6c683b 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb
@@ -5,6 +5,9 @@ SRC_URI += "file://musl-arm-inb-outb.patch \
file://0002-configure.ac-Fix-wayland-scanner-and-protocols-locat.patch \
file://0003-modesetting-Fix-16-bit-depth-bpp-mode.patch \
file://0003-Remove-check-for-useSIGIO-option.patch \
+ file://CVE-2017-10971-1.patch \
+ file://CVE-2017-10971-2.patch \
+ file://CVE-2017-10971-3.patch \
"
SRC_URI[md5sum] = "015d2fc4b9f2bfe7a626edb63a62c65e"
SRC_URI[sha256sum] = "677a8166e03474719238dfe396ce673c4234735464d6dadf2959b600d20e5a98"