---
- branch: MAIN
  date: Tue Jan 7 07:43:16 UTC 2014
  files:
  - new: '1.3'
    old: '1.2'
    path: xsrc/xfree/xc/lib/font/bitmap/bdfread.c
    pathrev: xsrc/xfree/xc/lib/font/bitmap/bdfread.c@1.3
    type: modified
  id: 20140107T074316Z.fc09b09a699fcd8d7b6c1a86345c3e49dbf58626
  log: |
    CVE-2013-6462:

    From aeabb3efa6905e11c479e2e5319f2b6b3ab22009 Mon Sep 17 00:00:00 2001
    From: Alan Coopersmith
    Date: Mon, 23 Dec 2013 18:34:02 -0800
    Subject: [PATCH:libXfont 1/2] CVE-2013-XXXX: unlimited sscanf can overflow stack buffer in bdfReadCharacters()

    Fixes cppcheck warning:
    [lib/libXfont/src/bitmap/bdfread.c:341]: (warning)
    scanf without field width limits can crash with huge input data.

    Signed-off-by: Alan Coopersmith
    Reviewed-by: Matthieu Herrb
    Reviewed-by: Jeremy Huddleston Sequoia
    ---
    src/bitmap/bdfread.c | 2 +-
    1 file changed, 1 insertion(+), 1 deletion(-)
  module: xsrc
  subject: 'CVS commit: xsrc/xfree/xc/lib/font/bitmap'
  unixtime: '1389080596'
  user: wiz