matthieu
fd18c20e72
regen
2016-10-11 22:14:30 +00:00
matthieu
26cabdb32f
Validate lengths while parsing server data.
...
Individual lengths inside received server data can overflow
the previously reserved memory.
It is therefore important to validate every single length
field to not overflow the previously agreed sum of all invidual
length fields.
From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016
2016-10-04 15:05:13 +00:00
matthieu
9f957a9f79
Avoid OOB write in XRenderQueryFilters
...
The memory for filter names is reserved right after receiving the reply.
After that, filters are iterated and each individual filter name is
stored in that reserved memory.
The individual name lengths are not checked for validity, which means
that a malicious server can reserve less memory than it will write to
during each iteration.
From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016
2016-10-04 15:03:48 +00:00
matthieu
5a65a1959d
Update to libXrender 0.9.9
2015-05-10 09:25:49 +00:00
guenther
b5bb12998e
Bump the major on every single base library. There are a couple
...
not bumped by this that will be corrected soon.
heavy lifting by todd@
2013-08-13 07:07:07 +00:00
matthieu
6f80097364
Update to libXrender 0.9.8.
2013-06-14 21:35:39 +00:00
matthieu
52f6d0ba20
Merge upstream fixes for several X libs vulnerabilities
...
discovered by Ilja van Sprundel.
CVE-2013-1981 X.org libX11 1.5.99.901 (1.6 RC1) integer overflows
CVE-2013-1982 X.org libXext 1.3.1 integer overflows
CVE-2013-1983 X.org libXfixes 5.0 integer overflows
CVE-2013-1984 X.org libXi 1.7.1 integer overflows
CVE-2013-1985 X.org libXinerama 1.1.2 integer overflows
CVE-2013-1986 X.org libXrandr 1.4.0 integer overflows
CVE-2013-1987 X.org libXrender 0.9.7 integer overflows
CVE-2013-1988 X.org libXRes 1.0.6 integer overflows
CVE-2013-1989 X.org libXv 1.0.7 integer overflows
CVE-2013-1990 X.org libXvMC 1.0.7 integer overflows
CVE-2013-1991 X.org libXxf86dga 1.1.3 integer overflows
CVE-2013-1992 X.org libdmx 1.1.2 integer overflows
CVE-2013-1994 X.org libchromeXvMC & libchromeXvMCPro in openChrome
0.3.2 integer overflows
CVE-2013-1995 X.org libXi 1.7.1 sign extension issues
CVE-2013-1996 X.org libFS 1.0.4 sign extension issues
CVE-2013-1997 X.org libX11 1.5.99.901 (1.6 RC1) buffer overflows
CVE-2013-1998 X.org libXi 1.7.1 buffer overflows
CVE-2013-1999 X.org libXvMC 1.0.7 buffer overflows
CVE-2013-2000 X.org libXxf86dga 1.1.3 buffer overflows
CVE-2013-2001 X.org libXxf86vm 1.1.2 buffer overflows
CVE-2013-2002 X.org libXt 1.1.3 buffer overflows
CVE-2013-2003 X.org libXcursor 1.1.13 integer overflows
CVE-2013-2004 X.org libX11 1.5.99.901 (1.6 RC1) unbounded recursion
CVE-2013-2005 X.org libXt 1.1.3 memory corruption
CVE-2013-2066 X.org libXv 1.0.7 buffer overflows
2013-05-23 22:42:07 +00:00
matthieu
26866f3012
Regen with util-macros 1.17. Fixes configure on landisk (and probably the
...
other gcc3 architectures).
2012-03-14 11:24:40 +00:00
matthieu
14550f95a6
update to libXrender 0.9.7
2012-03-10 14:33:10 +00:00
matthieu
7da8b0321b
update to libXrender 0.9.6
2010-07-17 15:28:21 +00:00
matthieu
a5210f52a0
missed files in libXrender 0.9.5 update.
2009-10-31 18:42:41 +00:00
matthieu
e03850b02d
update to libXrender 0.9.5
2009-10-31 18:41:19 +00:00
matthieu
7830df18ed
Regen with autoconf 2.59-p2, with AM_SANITY check zapped.
2008-03-15 18:08:24 +00:00
matthieu
6261cdbe9e
merge libXrender 0.9.4
2007-09-30 07:51:53 +00:00
matthieu
d4ca04b2e7
libXrender 0.9.4
2007-09-30 07:47:05 +00:00
matthieu
8370179c25
regen
2007-07-29 10:50:16 +00:00
matthieu
930101c636
regen with libtool 1.5.22p10 and metaauto 0.7
2007-04-14 20:44:09 +00:00
matthieu
00a847b3f8
regen with libtool 1.5.22p9
2007-03-25 13:02:54 +00:00
matthieu
6637a9a36e
regen with automake 1.9.6p2
2007-03-18 22:29:12 +00:00
matthieu
5954aa6578
regen
2007-03-15 23:28:08 +00:00
matthieu
854f5def06
Bump major of shared libs that depend on libX11 (which already got bumped).
...
ok todd@
2007-03-15 23:00:47 +00:00
matthieu
cd9eb53273
regen
2006-11-28 19:02:33 +00:00
matthieu
b6a46a2b93
Try to prevent endless regeneration of Makefile.in caused to RCS Id expansion.
2006-11-28 11:48:11 +00:00
matthieu
882dc8459e
regenerate with OpenBSD autotools
2006-11-27 12:40:38 +00:00
matthieu
e5ca1d526f
regen with OpenBSD autotools
2006-11-26 13:42:42 +00:00
matthieu
ab5c078d6e
Build infrastructure for lib
2006-11-26 12:07:34 +00:00
matthieu
bb1ca95773
import from X.Org 7.2RC1
2006-11-25 17:54:58 +00:00