CVE-2013-2062

Published: 23 May 2013

Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions.

Priority

Status

Package	Release	Status
libxp Launchpad, Ubuntu, Debian	lucid	Ignored (reached end-of-life)
	precise	Released (1:1.0.1-2ubuntu0.12.04.1)
	quantal	Released (1:1.0.1-2ubuntu0.12.10.1)
	raring	Released (1:1.0.1-2ubuntu0.13.04.1)
	upstream	Pending (1.0.2)
	Patches: upstream: http://cgit.freedesktop.org/xorg/lib/libXp/commit/?id=15ec6d1d0bb8c4cb24a190ed34e63312a0623670 upstream: http://cgit.freedesktop.org/xorg/lib/libXp/commit/?id=babb1fc823ab3be192c48fe115feeb0d57f74d05 (1/3) upstream: http://cgit.freedesktop.org/xorg/lib/libXp/commit/?id=cc90f6be64bfd6973ae270b9bff494f577e1bda7 (2/3) upstream: http://cgit.freedesktop.org/xorg/lib/libXp/commit/?id=e111065f6dd790c820fa67ea31055b18c68481e3 (3/3)

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›