[ANNOUNCE] libXext 1.3.2

Alan Coopersmith alan.coopersmith at oracle.com
Fri May 31 14:56:44 PDT 2013


libXext is the historical libX11-based catchall library for the X11
extensions without their own libraries.

This release provides fixes for the recently announced security issue
CVE-2013-1982, as well as build configuration improvements, man page
macro cleanups to work better with doclifter, and several other small
fixes.

Adam Jackson (1):
      configure: Remove AM_MAINTAINER_MODE

Alan Coopersmith (8):
      Use _XEatDataWords to avoid overflow of rep.length bit shifting
      integer overflow in XcupGetReservedColormapEntries() [CVE-2013-1982 1/6]
      integer overflow in XcupStoreColors() [CVE-2013-1982 2/6]
      several integer overflows in XdbeGetVisualInfo() [CVE-2013-1982 3/6]
      integer overflow in XeviGetVisualInfo() [CVE-2013-1982 4/6]
      integer overflow in XShapeGetRectangles() [CVE-2013-1982 5/6]
      integer overflow in XSyncListSystemCounters() [CVE-2013-1982 6/6]
      libXext 1.3.2

Chase Douglas (1):
      Destroy generic event extension after last display is removed

Colin Walters (1):
      autogen.sh: Implement GNOME Build API

Eric S. Raymond (2):
      Replace various unsafe presentation-level requests with .RS/.RE and .EX/EE.
      Replace presentationm-level requests with .RS/RE.

Peter Hutterer (1):
      sync: fix copy/paste error in comment

Thomas Klausner (1):
      Avoid having macros expand code to be: ((f) ? (f)->m1 : NULL)->m2

git tag: libXext-1.3.2

http://xorg.freedesktop.org/archive/individual/lib/libXext-1.3.2.tar.bz2
MD5:  4376101e51bb2c6c44d9ab14344e85ad
SHA1: 49b6f026b0555d020014dbc24b49afc2986a30e0
SHA256: f829075bc646cdc085fa25d98d5885d83b1759ceb355933127c257e8e50432e0

http://xorg.freedesktop.org/archive/individual/lib/libXext-1.3.2.tar.gz
MD5:  782d2106cee9af4fa5c47176d0b77a15
SHA1: aad204a4795e8829fe99680ff584cf91200c52f1
SHA256: 7b770217633236977008b1fb39715a4f0a35836c760996066300bdeac1e3956c


-- 
	-Alan Coopersmith-              alan.coopersmith at oracle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-announce/attachments/20130531/059fccde/attachment.pgp>


More information about the xorg-announce mailing list