[ANNOUNCE] libX11 1.5.99.902 (1.6 RC2)
Alan Coopersmith
alan.coopersmith at oracle.com
Thu May 23 20:01:50 PDT 2013
I think it's about time for a second release candidate for Xlib 1.6, don't you?

This release is brought to you by the letters C, V, & E, and more numbers
than I can count, with a special guest appearance by the letters J́ and j́.

Please test & report any issues you find (by May 31 if possible).
Unless any blockers turn up, I plan to cut the final 1.6 release
the first week of June.

Alan Coopersmith (41):
      Move big request comment in XOpenDisplay to the right place
      Move repeated #ifdef magic to find PATH_MAX into a common header
      Add _XEatDataWords to discard a given number of 32-bit words of reply data
      integer overflow in _XQueryFont() on 32-bit platforms [CVE-2013-1981 1/13]
      integer overflow in _XF86BigfontQueryFont() [CVE-2013-1981 2/13]
      integer overflow in XListFontsWithInfo() [CVE-2013-1981 3/13]
      integer overflow in XGetMotionEvents() [CVE-2013-1981 4/13]
      integer overflow in XListHosts() [CVE-2013-1981 5/13]
      unvalidated lengths in XAllocColorCells() [CVE-2013-1997 1/15]
      unvalidated index in _XkbReadGetDeviceInfoReply() [CVE-2013-1997 2/15]
      unvalidated indexes in _XkbReadGeomShapes() [CVE-2013-1997 3/15]
      unvalidated indexes in _XkbReadGetGeometryReply() [CVE-2013-1997 4/15]
      unvalidated index in _XkbReadKeySyms() [CVE-2013-1997 5/15]
      unvalidated index in _XkbReadKeyActions() [CVE-2013-1997 6/15]
      unvalidated index in _XkbReadKeyBehaviors() [CVE-2013-1997 7/15]
      unvalidated index in _XkbReadModifierMap() [CVE-2013-1997 8/15]
      unvalidated index in _XkbReadExplicitComponents() [CVE-2013-1997 9/15]
      unvalidated index in _XkbReadVirtualModMap() [CVE-2013-1997 10/15]
      unvalidated index/length in _XkbReadGetNamesReply() [CVE-2013-1997 11/15]
      unvalidated length in _XimXGetReadData() [CVE-2013-1997 12/15]
      Integer overflows in stringSectionSize() cause buffer overflow in ReadColornameDB() [CVE-2013-1981 6/13]
      integer overflow in ReadInFile() in Xrm.c [CVE-2013-1981 7/13]
      Unbounded recursion in GetDatabase() when parsing include files [CVE-2013-2004 1/2]
      Unbounded recursion in _XimParseStringFile() when parsing include files [CVE-2013-2004 2/2]
      integer truncation in _XimParseStringFile() [CVE-2013-1981 8/13]
      integer overflows in TransFileName() [CVE-2013-1981 9/13]
      integer overflow in XGetWindowProperty() [CVE-2013-1981 10/13]
      integer overflow in XGetImage() [CVE-2013-1981 11/13]
      integer overflow in XGetPointerMapping() & XGetKeyboardMapping() [CVE-2013-1981 12/13]
      integer overflow in XGetModifierMapping() [CVE-2013-1981 13/13]
      Avoid overflows in XListFonts() [CVE-2013-1997 13/15]
      Avoid overflows in XGetFontPath() [CVE-2013-1997 14/15]
      Avoid overflows in XListExtensions() [CVE-2013-1997 15/15]
      Make XGetWindowProperty() always initialize returned values
      Convert more _XEatData callers to _XEatDataWords
      Remove more unnecessary casts from Xmalloc/calloc calls
      Use calloc in XOpenDisplay to initialize structs containing pointers
      _XkbReadGetMapReply: reject maxKeyCodes smaller than the minKeyCode
      Give GNU & Solaris Studio compilers hints about XEatData branches
      Free fs->properties in _XF86BigfontQueryFont overflow error path
      libX11 1.5.99.902 (1.6 RC2)

Julien Cristau (1):
      xkb: fix off-by-one in _XkbReadGetNamesReply and _XkbReadVirtualModMap

Matthieu Herrb (1):
      XListFontsWithInfo: Re-decrement flist[0] before calling free() on it.

Niveditha Rau (1):
      Make sure internal headers include required headers

Pander (1):
      Add compose sequences for J́ and j́.

git tag: libX11-1.5.99.902

http://xorg.freedesktop.org/archive/individual/lib/libX11-1.5.99.902.tar.bz2
MD5: 0f1a38133d11d64ad02fecb508b049ed
SHA1: d7d6909b57804104a38e8f1ed1d5f639062b030a
SHA256: 9e6a28609e1857600d51d45b90f14853350176e00bd50c863603164f539cdf8c

http://xorg.freedesktop.org/archive/individual/lib/libX11-1.5.99.902.tar.gz
MD5: 04883210511cebec1d74dc9be184b82d
SHA1: d0101aa3ee027b90a801544982026ab0dcb661e9
SHA256: 82ae9cca7bc09f5236a57d18fa1cecf4ec0be6866316656eae39df43b5642c79

--
-Alan Coopersmith- alan.coopersmith at oracle.com
Oracle Solaris Engineering - http://blogs.oracle.com/alanc