[3.1] libxi: various flaws (CVE-2016-7945, CVE-2016-7946)
CVE-2016-7945: Insufficient validation of server responses result in Integer overflows
CVE-2016-7946: Insufficient validation of server responses result in various data mishandlings
Affected versions:
libXi <= 1.7.6
Fixed In Version:
libXi 1.7.7
References:
http://seclists.org/oss-sec/2016/q4/17
https://lists.x.org/archives/xorg-announce/2016-October/002720.html
(from redmine: issue id 6305, created on 2016-10-07, closed on 2016-10-25)
- Relations:
- parent #6300 (closed)
- Changesets:
- Revision b0140e44 on 2016-10-20T10:07:10Z:
main/libxi: security fixes (CVE-2016-7945, CVE-2016-7946)
Fixes #6305
(cherry picked from commit ffaa32a96062a37c4b3aff0dc2b6e37661dab85a)