"The X Input Method (XIM) client implementation in libX11 has some
integer overflows and signed/unsigned comparison issues that can lead
to heap corruption when handling malformed messages from an input
"libX11 1.6.10 will be released shortly and will include those patches."
Bump when ready, thanks!
The bug has been referenced in the following commit(s):
Author: Matt Turner <email@example.com>
AuthorDate: 2020-07-31 19:38:49 +0000
Commit: Matt Turner <firstname.lastname@example.org>
CommitDate: 2020-07-31 19:42:14 +0000
x11-libs/libX11: Version bump to 1.6.10
Signed-off-by: Matt Turner <email@example.com>
x11-libs/libX11/Manifest | 1 +
x11-libs/libX11/libX11-1.6.10.ebuild | 30 ++++++++++++++++++++++++++++++
2 files changed, 31 insertions(+)
Thanks. Tell us when ready to stable.
Unable to check for sanity:
> no match for package: dev-libs/libX11-1.6.10
1.6.11 will be released this week with a fix for the blocking bug. We'll stabilize that instead.
(In reply to Matt Turner from comment #5)
> 1.6.11 will be released this week with a fix for the blocking bug. We'll
> stabilize that instead.
Resetting sanity check; keywords are not fully specified and arches are not CC-ed.
This issue was resolved and addressed in
GLSA 202008-18 at https://security.gentoo.org/glsa/202008-18
by GLSA coordinator Sam James (sam_c).