[ANNOUNCE] libXres 1.0.7
Alan Coopersmith
alan.coopersmith at oracle.com
Thu May 30 17:55:56 PDT 2013
libXRes is the Xlib-based client library for the X-Resource extension.
This release primarily provides the fix for the recently announced
security vulnerability CVE-2013-1988, along with improved compatibility
with future automake releases.
Alan Coopersmith (5):
Replace deprecated Automake INCLUDES variable with AM_CPPFLAGS
Use _XEatDataWords to avoid overflow of rep.length shifting
integer overflow in XResQueryClients() [CVE-2013-1988 1/2]
integer overflow in XResQueryClientResources() [CVE-2013-1988 2/2]
libXres 1.0.7
git tag: libXres-1.0.7
git branch: libXres-1.0-branch
http://xorg.freedesktop.org/archive/individual/lib/libXres-1.0.7.tar.bz2
MD5: 45ef29206a6b58254c81bea28ec6c95f
SHA1: 45e09c6b771af5d8c448ce31de65d15bf83b7579
SHA256: 26899054aa87f81b17becc68e8645b240f140464cf90c42616ebb263ec5fa0e5
http://xorg.freedesktop.org/archive/individual/lib/libXres-1.0.7.tar.gz
MD5: 7fad9ab34201bb4adffcbf0cd7e87a89
SHA1: 30453be50d1d4c49bea02558ac76230fdefc68e1
SHA256: 488c9fa14b38f794d1f019fe62e6b06514a39f1a7538e55ece8faf22482fefcd
--
-Alan Coopersmith- alan.coopersmith at oracle.com
Oracle Solaris Engineering - http://blogs.oracle.com/alanc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-announce/attachments/20130530/1bf820c9/attachment.pgp>
More information about the xorg-announce
mailing list