X2Go

~x2go/x2go/+git/nx-libs:CVE-2015-0255

  1. Git
  2. lp:~x2go/x2go/+git/nx-libs
  3. CVE-2015-0255
Last commit made on 2015-02-17
Get this branch:
git clone -b CVE-2015-0255 https://git.launchpad.net/~x2go/x2go/+git/nx-libs

Branch merges

Branch information

Name:
CVE-2015-0255
Repository:
lp:~x2go/x2go/+git/nx-libs

Recent commits

a1cd16d... by Olivier Fourdan <email address hidden>

xkb: Don't swap XkbSetGeometry data in the input buffer

The XkbSetGeometry request embeds data which needs to be swapped when the
server and the client have different endianess.

_XkbSetGeometry() invokes functions that swap these data directly in the
input buffer.

However, ProcXkbSetGeometry() may call _XkbSetGeometry() more than once
(if there is more than one keyboard), thus causing on swapped clients the
same data to be swapped twice in memory, further causing a server crash
because the strings lengths on the second time are way off bounds.

To allow _XkbSetGeometry() to run reliably more than once with swapped
clients, do not swap the data in the buffer, use variables instead.

v3: backport to nx-libs 3.6.x (Mike DePaulo)

Signed-off-by: Olivier Fourdan <email address hidden>
Signed-off-by: Peter Hutterer <email address hidden>
(cherry picked from commit 81c90dc8f0aae3b65730409b1b615b5fa7280ebd)
(cherry picked from commit 29be310c303914090298ddda93a5bd5d00a94945)
Signed-off-by: Julien Cristau <email address hidden>
index 2405090..7db0959 100644

dc596f0... by Joerg Sonnenberger <email address hidden>

Do proper input validation to fix for CVE-2011-2895.

It ensures that all valid input can be decompressed, checks that the
overflow conditions doesn't happen and generally tightens the
validation of the LZW stream and doesn't pessimize the inner loop for
no good reason. It's derived from a change in libarchive from 2004.

v2: backports to nx-libs 3.6.x (Mihai Moldovan)
v3: fix comment lines starting with "+" + whitespace fixes (Mike Gabriel)
Signed-off-by: Matthieu Herrb <email address hidden>
Reviewed-by: Tomas Hoger <email address hidden>

18e337d... by Mike Gabriel

Revert "Do proper input validation to fix for CVE-2011-2895."

This reverts commit 6acafc9334828da22446380c81af81bde14b5d86.

26cfe93... by Mike Gabriel

fix 3.5.0.29 changelog entry

1f3222f... by Mike Gabriel

debian/changelog: fix too-long lines

db12538... by Mike Gabriel

Makefile.nx-libs: Fix uninstall-lite rule. The nxproxy and nxcomp uninstallation has to be in uninstall-lite, not in uninstall-full.

892c08d... by Mike Gabriel

Make install-lite rule in Makefile.nx-libs more predictable and not rely on nxproxy/Makefile.in.

f29cc29... by Mike Gabriel

Install "%{_libdir}/nx/bin" into nxproxy package.

7424308... by Mike Gabriel

nx-libs.spec: Typo fix in comment.

e4d9701... by Michael DePaulo

Fix FTBFS due to the nxproxy executable already existing under /usr/lib/nx/bin/nx

Conflicts (resolved by Mike Gabriel):
 debian/changelog