[Secure-testing-team] Bug#840440: libxi: CVE-2016-7945 CVE-2016-7946
Salvatore Bonaccorso
carnil at debian.org
Tue Oct 11 15:38:48 UTC 2016
Source: libxi
Version: 2:1.7.4-1
Severity: important
Tags: security upstream patch
Hi,
the following vulnerabilities were published for libxi.
CVE-2016-7945[0]:
for all of the integer overflows
CVE-2016-7946[1]:
for all of the other mishandling of the reply data
Note there is a regression in the original fix.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-7945
[1] https://security-tracker.debian.org/tracker/CVE-2016-7946
Regards,
Salvatore