Date: Tue, 25 Aug 2020 12:22:35 -0700 From: Alan Coopersmith <alan.coopersmith@...cle.com> To: oss-security@...ts.openwall.com Cc: "X.Org Security Team" <xorg-security@...ts.x.org> Subject: Re: X.Org server security advisory: August 25, 2020 On 8/25/20 8:37 AM, Matthieu Herrb wrote: > * CVE-2020-1436 / ZDI CAN 11574 XRecordRegisterClients Integer Underflow > > An integer underflow exist in the handler for the CreateRegister > request of the X record extension. This entry was missing a digit in the CVE id, the correct id was listed in the later half: > commit 24acad216aa0fc2ac451c67b2b86db057a032050 > > Fix XRecordRegisterClients() Integer underflow > > CVE-2020-14362 ZDI-CAN-11574 These advisories have also now been published on the X.Org security page at https://www.x.org/wiki/Development/Security/ -- -Alan Coopersmith- alan.coopersmith@...cle.com X.Org Security Response Team - xorg-security@...ts.x.org
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.