[ANNOUNCE] libFS 1.0.5

Alan Coopersmith alan.coopersmith at oracle.com
Tue May 28 17:39:04 PDT 2013

libFS is the protocol binding library used by clients of X Font Servers (xfs),
such as xfsinfo, fslsfonts, and the X servers themselves.

This minor bugfix release includes the fix for the security issue recently
reported as CVE-2013-1996, as well as a number of other cleanups of the
memory allocation & error handling code noticed while working on that.

Adam Jackson (1):
      configure: Remove AM_MAINTAINER_MODE

Alan Coopersmith (9):
      Replace deprecated Automake INCLUDES variable with AM_CPPFLAGS
      Get rid of unnecessary casts in FS*alloc calls
      Get rid of unnecessary casts in FSfree calls
      Use NULL instead of 0 for null pointers
      Avoid reading outside bounds when _FSReply receives an Error response
      Avoid accessing freed memory on realloc failure in FSListFontsWithXInfo
      Get rid of more duplication in error cleanup code in FSListFontsWithXInfo
      Sign extension issue and integer overflow in FSOpenServer() [CVE-2013-1996]
      libFS 1.0.5

Colin Walters (1):
      autogen.sh: Implement GNOME Build API

Thomas Klausner (1):
      Fix a prototype error

git tag: libFS-1.0.5

MD5:  e3c77ca27942ebc5eb2ca99f29363515
SHA1: 3a94bc42775f4aa2eac14a51e0043299d7cd31b6
SHA256: 22eb3005dd8053aef7ff82758da5dd59ca9738410bcf847e675780e3a1f96107

MD5:  c380f6c782e47de394fbd3c2774f2bf8
SHA1: dd5b5e71270dcfe4156c0ee5aa4453421fd06a40
SHA256: c4d925393997dbc41cc7f4a871dde3c54039043845e6e3d13c6c887c53c7a1d9

	-Alan Coopersmith-              alan.coopersmith at oracle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-announce/attachments/20130528/1f592608/attachment.pgp>

More information about the xorg-announce mailing list