Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 03 Dec 2013 11:54:42 -0600
From: Jamie Strandboge <>
CC: security <>, xorg_security@...rg
Subject: CVE Request: xorg-server and pixman


This bug has been public since August but I could find a CVE for it:

There are two bugs - Xorg can be made to crash and pixman can trigger the
aformentioned Xorg crash. A simplified reproducer is in the pixman patches with
another reproducer in the Launchpad bug. The xorg

xorg-server - exa: only draw valid trapezoids
The patch was submitted in October but doesn't seem to be applied yet, so I'm
CC'ing xorg_security. Patch references the pixman f.d.o bug, but doesn't seem to
have an associated xorg bug.

Pixman - Corrupted CustomShape crashes Xorg
 - 5e14da97f16e421d084a9e735be21b1025150f0c (fix)
 - 2f876cf86718d3dd9b3b04ae9552530edafe58a1 (test case)


Jamie Strandboge       

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ