|
|
Fixes:
CVE-2014-6051 and
CVE-2014-6052 denial of service and possible code execution via
integer overflow and lack of malloc error handling in
MallocFrameBuffer()
CVE-2014-6053 denial of service via large ClientCutText message.
CVE-2014-6054 denial of service via zero scaling factor.
CVE-2014-6055 denial of service and possible code execution via
stack overflows in File Transfer feature.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
