Overview

Request 336760 accepted

- Fix for CVE-2015-5260 and CVE-2015-5261.
bsc#944787, bsc#948976
Added patches:
0001-Validate-surface-bounding-box-before-using-it.patch
0001-worker-validate-correctly-surfaces.patch
0002-worker-avoid-double-free-or-double-create-of-surface.patch
0003-Define-a-constant-to-limit-data-from-guest.patch
0004-Fix-some-integer-overflow-causing-large-memory-alloc.patch
0005-Check-properly-surface-to-be-created.patch
0006-Fix-buffer-reading-overflow.patch
0007-Prevent-32-bit-integer-overflow-in-bitmap_consistent.patch
0008-Fix-race-condition-on-red_get_clip_rects.patch
0009-Fix-race-in-red_get_image.patch
0010-Fix-race-condition-in-red_get_string.patch
0011-Fix-integer-overflow-computing-glyph_size-in-red_get.patch
0012-Fix-race-condition-in-red_get_data_chunks_ptr.patch
0013-Prevent-memory-leak-if-red_get_data_chunks_ptr-fails.patch
0014-Prevent-DoS-from-guest-trying-to-allocate-too-much-d.patch
0015-Fix-some-possible-overflows-in-red_get_string-for-32.patch
0016-Make-sure-we-can-read-QXLPathSeg-structures.patch
0017-Avoid-race-condition-copying-segments-in-red_get_pat.patch
0018-Prevent-data_size-to-be-set-independently-from-data.patch
0019-Prevent-leak-if-size-from-red_get_data_chunks-don-t-.patch

Loading...
Request History
Cédric Bosdonnat's avatar

cbosdonnat created request

- Fix for CVE-2015-5260 and CVE-2015-5261.
bsc#944787, bsc#948976
Added patches:
0001-Validate-surface-bounding-box-before-using-it.patch
0001-worker-validate-correctly-surfaces.patch
0002-worker-avoid-double-free-or-double-create-of-surface.patch
0003-Define-a-constant-to-limit-data-from-guest.patch
0004-Fix-some-integer-overflow-causing-large-memory-alloc.patch
0005-Check-properly-surface-to-be-created.patch
0006-Fix-buffer-reading-overflow.patch
0007-Prevent-32-bit-integer-overflow-in-bitmap_consistent.patch
0008-Fix-race-condition-on-red_get_clip_rects.patch
0009-Fix-race-in-red_get_image.patch
0010-Fix-race-condition-in-red_get_string.patch
0011-Fix-integer-overflow-computing-glyph_size-in-red_get.patch
0012-Fix-race-condition-in-red_get_data_chunks_ptr.patch
0013-Prevent-memory-leak-if-red_get_data_chunks_ptr-fails.patch
0014-Prevent-DoS-from-guest-trying-to-allocate-too-much-d.patch
0015-Fix-some-possible-overflows-in-red_get_string-for-32.patch
0016-Make-sure-we-can-read-QXLPathSeg-structures.patch
0017-Avoid-race-condition-copying-segments-in-red_get_pat.patch
0018-Prevent-data_size-to-be-set-independently-from-data.patch
0019-Prevent-leak-if-size-from-red_get_data_chunks-don-t-.patch


Stephan Kulow's avatar

coolo added openSUSE:Leap:42.1:Staging:A as a reviewer

Being evaluated by staging project "openSUSE:Leap:42.1:Staging:A"


Stephan Kulow's avatar

coolo accepted review

Picked openSUSE:Leap:42.1:Staging:A


Stephan Kulow's avatar

coolo accepted review

Reviewed by staging project "openSUSE:Leap:42.1:Staging:A" with result: "accepted"


Stephan Kulow's avatar

coolo approved review

Reviewed by staging project "openSUSE:Leap:42.1:Staging:A" with result: "accepted"


Stephan Kulow's avatar

coolo added factory-staging as a reviewer

Please recheck


Stephan Kulow's avatar

coolo added openSUSE:Leap:42.1:Staging:A as a reviewer

Being evaluated by staging project "openSUSE:Leap:42.1:Staging:A"


Stephan Kulow's avatar

coolo accepted review

Picked openSUSE:Leap:42.1:Staging:A


Stephan Kulow's avatar

coolo accepted review

ready to accept


Stephan Kulow's avatar

coolo approved review

ready to accept


Stephan Kulow's avatar

coolo accepted request

Accept to openSUSE:Leap:42.1

openSUSE Build Service is sponsored by