qbit/xenocara
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
6,799 Commits 1 Branch 0 Tags 396 MiB
76a0a851ab
Commit Graph

28 Commits

Author SHA1 Message Date
matthieu
c79b35190f Fix an integer overflow in init_om() that could lead to a double free. 
Reported by Jayden Rivers.
 2020-08-25 15:39:58 +00:00
matthieu
bb74146ca2 Fix a bug where some input clients can't connect to the input server. 
FreeBSD bugzilla reference:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248549
 2020-08-20 19:12:48 +00:00
matthieu
4c672aa51a Merge from upstream X.Org : Fix size calculation in _XimAttributeToValue 
The check here guards the read below.

For `XimType_XIMStyles`, these are `num` of `CARD32` and for
`XimType_XIMHotKeyTriggers` these are `num` of `XIMTRIGGERKEY` ref[1]
which is defined as 3 x `CARD32`.  (There are data after the
`XIMTRIGGERKEY` according to the spec but they are not read by this
function and doesn't need to be checked.)

The old code here used the native datatype size instead of the wire
protocol size causing the check to always fail.

Also fix the size calculation for the header (size). It is 2 x CARD16
for both types despite the unused `CARD16` for `XimType_XIMStyles`.

This fixes a regression caused by previous commit.
 2020-08-06 14:28:54 +00:00
matthieu
f22a219d59 Fixes for Heap corruption in the X input method client in libX11 
CVE-2020-14344

These where reported to X.Org and patches proposed by Todd Carson.
Thanks.
 2020-07-31 13:53:24 +00:00
matthieu
a400859a9c Update to libX11 1.6.8 riding the major bump caused by xtrans 1.4.0 2019-08-04 13:34:52 +00:00
matthieu
b39f51f9a1 Udate to libX11 1.6.6. bug fixes release - no API/ABI changes. 2018-08-23 19:38:11 +00:00
matthieu
20a75c6d0f Update to libX11 1.6.4 2016-11-03 10:21:30 +00:00
matthieu
fd18c20e72 regen 2016-10-11 22:14:30 +00:00
matthieu
8252bb00ee update to libX11 1.6.3 2015-04-06 20:57:55 +00:00
matthieu
8c1effea43 Update to libX11 1.6.2. No API change. 2013-09-28 17:03:13 +00:00
matthieu
ce84febd9d Update to libX11 1.6.1. 2013-08-26 19:57:22 +00:00
matthieu
4b8a5f471a Update to libX11 1.6.0 2013-06-04 03:19:34 +00:00
matthieu
52f6d0ba20 Merge upstream fixes for several X libs vulnerabilities 
discovered by Ilja van Sprundel.

CVE-2013-1981 X.org libX11 1.5.99.901 (1.6 RC1) integer overflows
CVE-2013-1982 X.org libXext 1.3.1 integer overflows
CVE-2013-1983 X.org libXfixes 5.0 integer overflows
CVE-2013-1984 X.org libXi 1.7.1 integer overflows
CVE-2013-1985 X.org libXinerama 1.1.2 integer overflows
CVE-2013-1986 X.org libXrandr 1.4.0 integer overflows
CVE-2013-1987 X.org libXrender 0.9.7 integer overflows
CVE-2013-1988 X.org libXRes 1.0.6 integer overflows
CVE-2013-1989 X.org libXv 1.0.7 integer overflows
CVE-2013-1990 X.org libXvMC 1.0.7 integer overflows
CVE-2013-1991 X.org libXxf86dga 1.1.3 integer overflows
CVE-2013-1992 X.org libdmx 1.1.2 integer overflows
CVE-2013-1994 X.org libchromeXvMC & libchromeXvMCPro in openChrome
0.3.2 integer overflows
CVE-2013-1995 X.org libXi 1.7.1 sign extension issues
CVE-2013-1996 X.org libFS 1.0.4 sign extension issues
CVE-2013-1997 X.org libX11 1.5.99.901 (1.6 RC1) buffer overflows
CVE-2013-1998 X.org libXi 1.7.1 buffer overflows
CVE-2013-1999 X.org libXvMC 1.0.7 buffer overflows
CVE-2013-2000 X.org libXxf86dga 1.1.3 buffer overflows
CVE-2013-2001 X.org libXxf86vm 1.1.2 buffer overflows
CVE-2013-2002 X.org libXt 1.1.3 buffer overflows
CVE-2013-2003 X.org libXcursor 1.1.13 integer overflows
CVE-2013-2004 X.org libX11 1.5.99.901 (1.6 RC1) unbounded recursion
CVE-2013-2005 X.org libXt 1.1.3 memory corruption
CVE-2013-2066 X.org libXv 1.0.7 buffer overflows
 2013-05-23 22:42:07 +00:00
matthieu
f2c99c06c2 Update to libX11 1.6RC. No bump needed. 2013-04-28 16:55:55 +00:00
matthieu
08ecf5f3a3 Upate to libX11 1.5rc1. Tested by krw@, mpi@, shadchin@. 2012-03-27 19:19:37 +00:00
matthieu
5577d754a3 Update to libX11 1.4.4. Tested by ajacoutot@, shadchin@. 2011-08-27 15:34:14 +00:00
matthieu
8cc0378bfd Update to libX11 1.4.3 which was released during the 1.4.2 tests. 
Mostly churn in the doc build system, which is disabled on Xenocara
for now.
 2011-05-30 20:52:47 +00:00
matthieu
857c658f08 Update to libx11 1.4.2. Tested by ajacoutot@, jasper@ krw@, landry@, 
shadchin@ on various architectures.
Bump major.
 2011-05-30 19:19:29 +00:00
matthieu
502b62f99f Update to libX11 1.3.6. 
Tested by ajacoutot@, jasper@ and krw@.
 2010-10-05 19:50:57 +00:00
matthieu
6c940574a9 Update to libX11 1.3.5 2010-09-04 10:33:11 +00:00
matthieu
aa3c9f9344 Update to libX11 1.3.3. Tested on a bulk ports build by naddy@. 2010-05-18 19:37:28 +00:00
matthieu
8bb5fd8a8f update to libX11 1.2.1 2009-05-03 12:59:09 +00:00
matthieu
8d46f8e4f0 Update to libX11 1.1.4. I've carefully checked that there's no API/ABI 
change in this version. Only small bug fixes, manual page fixes and
some more data in the i18n tables.
 2008-06-11 20:55:41 +00:00
matthieu
a72daf0a1a libX11 1.1.3 2007-09-30 10:11:57 +00:00
matthieu
6637a9a36e regen with automake 1.9.6p2 2007-03-18 22:29:12 +00:00
matthieu
1e6e3c3517 regen 2006-12-16 17:01:57 +00:00
matthieu
e5ca1d526f regen with OpenBSD autotools 2006-11-26 13:42:42 +00:00
matthieu
8ef0df6aa5 import from X.Org 7.2RC2 2006-11-25 16:33:55 +00:00