[ANNOUNCE] libXp 1.0.2

Alan Coopersmith alan.coopersmith at oracle.com
Thu May 30 17:47:26 PDT 2013

libXp is the Xlib client library for the X Print extension, which was
primarily used via the Xprt server, though that is rarely found any more.
However, as some clients for it previously existed, the library remains
for backwards compatibility with them.

This bug fix release delivers the fixes for the recently announced security
vulnerability CVE-2013-2062, alongside the last couple years accumulation
of janitorial cleanups, compiler warning fixes, and adjustments to remain
compatible with changes in new and future automake releases.

Alan Coopersmith (10):
      Strip trailing whitespace
      Stop trying to use NULL for Status values
      Fix XpEventToWire arguments to match what libXext expects
      Add const qualifiers to silence gcc -Wwrite-strings warnings
      Replace deprecated Automake INCLUDES variable with AM_CPPFLAGS
      Use _XEatDataWords to avoid overflow of rep.length bit shifting
      integer overflow in XpGetAttributes & XpGetOneAttribute [CVE-2013-2062 1/3]
      integer overflows in XpGetPrinterList() [CVE-2013-2062 2/3]
      integer overflows in XpQueryScreens() [CVE-2013-2062 3/3]
      libXp 1.0.2

git tag: libXp-1.0.2

MD5:  bb038577c7f4e42a1b675fa6451bc4aa
SHA1: bac586283c089536e526529de21b13778a428c07
SHA256: 952fe5b5e90abd2cf04739aef3a9b63a253cd9309ed066a82bab7ca9112fd0b5

MD5:  8e639393176ebcbdb06731256cd1ef58
SHA1: 01e1bc35938b9b8cdd2f665296e20c5384be474c
SHA256: 4216bb79a469271bd114bd6c7893d965f7d36246943c9f495c2517aaa86376b1

	-Alan Coopersmith-              alan.coopersmith at oracle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-announce/attachments/20130530/c72b650e/attachment.pgp>

More information about the xorg-announce mailing list