[ANNOUNCE] libXv 1.0.8

Alan Coopersmith alan.coopersmith at oracle.com
Fri May 31 17:55:23 PDT 2013


libXv is the Xlib-based client library for the X Video (Xv) extension.

This release delivers the fixes for the recently announced security issues
CVE-2013-1989 & CVE-2013-2066, plus a couple build configuration changes
and man page fixes.

Adam Jackson (1):
      configure: Remove AM_MAINTAINER_MODE

Alan Coopersmith (6):
      Use _XEatDataWords to avoid overflow of rep.length shifting
      integer overflow in XvQueryPortAttributes() [CVE-2013-1989 1/3]
      buffer overflow in XvQueryPortAttributes() [CVE-2013-2066]
      integer overflow in XvListImageFormats() [CVE-2013-1989 2/3]
      integer overflow in XvCreateImage() [CVE-2013-1989 3/3]
      libXv 1.0.8

Colin Walters (1):
      autogen.sh: Implement GNOME Build API

Thomas Klausner (1):
      Uppercase SH arguments.

git tag: libXv-1.0.8

http://xorg.freedesktop.org/archive/individual/lib/libXv-1.0.8.tar.bz2
MD5:  224dadca53d9c88f8a2b8945babcea70
SHA1: ee221d269c757d2a658ef758fd49c15c71cfd1ee
SHA256: 4f00eb5347390909cea4e53a69425839d2a6a44e0e0613321d59e7e4aeaf73d7

http://xorg.freedesktop.org/archive/individual/lib/libXv-1.0.8.tar.gz
MD5:  07468c9c263c8a351832242a531712fd
SHA1: 36838462c01a7fc0c8c21f07c6a06c8c806c270f
SHA256: 7b592f1e96597429a0c22b54c79d572a06214a51408e3f5b653bc7f1b83162b1

-- 
	-Alan Coopersmith-              alan.coopersmith at oracle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-announce/attachments/20130531/8930ba17/attachment.pgp>


More information about the xorg-announce mailing list