[3.1] libxv: Insufficient validation of server responses results in out-of bounds accesses (CVE-2016-5407)
Insufficient validation of data from the X server
can cause out of boundary memory and memory corruption.
Affected versions:
libXv <= 1.0.10
Fixed In Version:
libXv 1.0.11
References:
https://lists.x.org/archives/xorg-announce/2016-October/002720.html
Patch:
https://cgit.freedesktop.org/xorg/lib/libXv/commit/?id=d9da580b46a28ab497de2e94fdc7b9ff953dab17
(from redmine: issue id 6281, created on 2016-10-06, closed on 2016-10-25)
- Relations:
- parent #6276 (closed)
- Changesets:
- Revision ed1503d2 on 2016-10-19T10:02:04Z:
main/libxv: security fix (CVE-2016-5407). Fixes #6281
(cherry picked from commit 00c0d0b37ed78ec5eb99beb9d464eea9a59595fd)