[ANNOUNCE] libXfont 1.5.1
Alan Coopersmith
alan.coopersmith at oracle.com
Tue Mar 17 08:35:59 PDT 2015
This release of libXfont provides the fixes for today's security advisory
about BDF font parsing bugs. Like libXfont 1.5.0, it requires fontsproto
2.1.3 or later and will not build cleanly with older versions.
Alan Coopersmith (6):
Remove unneeded checks for #ifndef X_NOT_POSIX
Use 'imdent' to realign cpp indentation levels in fslibos.h
bdfReadProperties: property count needs range check [CVE-2015-1802]
bdfReadCharacters: bailout if a char's bitmap cannot be read [CVE-2015-1803]
bdfReadCharacters: ensure metrics fit into xCharInfo struct [CVE-2015-1804]
libXfont 1.5.1
Christos Zoulas (1):
Set close-on-exec for font file I/O.
git tag: libXfont-1.5.1
http://xorg.freedesktop.org/archive/individual/lib/libXfont-1.5.1.tar.bz2
MD5: 96f76ba94b4c909230bac1e2dcd551c4
SHA1: e63a354de5dc2d8cba08d50add1519471412a618
SHA256: b70898527c73f9758f551bbab612af611b8a0962202829568d94f3edf4d86098
PGP: http://xorg.freedesktop.org/archive/individual/lib/libXfont-1.5.1.tar.bz2.sig
http://xorg.freedesktop.org/archive/individual/lib/libXfont-1.5.1.tar.gz
MD5: 8b621c4a57c114eb07eb4977e3106f9f
SHA1: f85d51d7b26c66bf84b1c1394f282127d9bad12a
SHA256: 7c65c8ac581a162ff4c8cd86c1db9e9f425132eb65b1cba0c9e905c6cb8a45f5
PGP: http://xorg.freedesktop.org/archive/individual/lib/libXfont-1.5.1.tar.gz.sig
--
-Alan Coopersmith- alan.coopersmith at oracle.com
Oracle Solaris Engineering - http://blogs.oracle.com/alanc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-announce/attachments/20150317/93d831ff/attachment.sig>
More information about the xorg-announce
mailing list