iDefense has sent us the attached draft advisory
Created attachment 12944 [details] Draft advisory
Summary is wrong, this is a bug in XFree86-Misc, not XC-MISC. The advisory should absolutely not recommend disabling XC-MISC, it is not affected, and it's basically not possible to run any large app without XC-MISC enabled.
Created attachment 13036 [details] [review] Proposed fix
(In reply to comment #3) Shouldn't that be >= xf86NumScreens ? Do we also need to check for < 0 since it's a signed int?
Created attachment 13098 [details] Testcase Testcase for this bug - it crashes Xorg on a single head system when run with an argument of 1 for the screen number with the ">" fix in, so it appears ">=" is needed.
Patch has been committed: bbde5b62a137ba726a747b838d81e92d72c1b42b and this is public now
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.