CVE-2013-1994
Published: 23 May 2013
Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) uniDRIOpenConnection and (2) uniDRIGetClientDriverName functions.
Priority
Status
Package | Release | Status |
---|---|---|
xserver-xorg-video-openchrome Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Released
(1:0.2.904+svn1050-1ubuntu0.1)
|
|
quantal |
Released
(1:0.3.1-0ubuntu1.12.10.1)
|
|
raring |
Released
(1:0.3.1-0ubuntu1.13.04.1)
|
|
upstream |
Needed
|
|
Patches: upstream: http://cgit.freedesktop.org/openchrome/xf86-video-openchrome/commit/?id=68bf50ce4903ec93da59cea78e063ed7c3882d3e upstream: http://cgit.freedesktop.org/openchrome/xf86-video-openchrome/commit/?id=db309e3cd87a1279e8b592a692390755c528de4f |
||
xserver-xorg-video-openchrome-lts-quantal Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Released
(1:0.3.1-0ubuntu1~precise3)
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
upstream |
Needed
|