Commit d11ee588 authored 13 years ago by Thomas Hoger Committed by Alan Coopersmith 13 years ago

LZW decompress: fix for CVE-2011-2895


Specially crafted LZW stream can crash an application using libXfont
that is used to open untrusted font files.  With X server, this may
allow privilege escalation when exploited

Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

parent 214ca6a7

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 2 additions and 0 deletions

Please register or to comment

Admin message

Admin message

LZW decompress: fix for CVE-2011-2895