CLD-64 Details
Other IDs this deficiency may be known by:
Basic Information:
Affected Package(s) |
xorg-server |
Deficiency Type |
SECURITY |
Date Created |
2017-10-06 08:52:18 |
Date Last Modified |
2017-10-06 09:14:19 |
Version Specific Information:
Cucumber 1.0 i686 | fixed in xorg-server-1.18.1-i686-4 |
Cucumber 1.0 x86_64 | fixed in xorg-server-1.18.1-x86_64-4 |
Cucumber 1.1 i686 |
fixed in xorg-server-1.18.1-i686-4 |
Cucumber 1.1 x86_64 |
fixed in xorg-server-1.18.1-x86_64-4 |
Details:
Official Patch:
https://cgit.freedesktop.org/xorg/xserver/commit/?id=94f11ca5cf011ef123bd222cabeaef6f424d76ac
xkb: Handle xkb formated string output safely (CVE-2017-13723)
Generating strings for XKB data used a single shared static buffer,
which offered several opportunities for errors. Use a ring of
resizable buffers instead, to avoid problems when strings end up
longer than anticipated.