matthieu
89e55bbf5a
Validation of server responses in XGetImage()
...
Check if enough bytes were received for specified image type and
geometry. Otherwise GetPixel and other functions could trigger an
out of boundary read later on.
From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016
2016-10-04 14:58:26 +00:00
matthieu
bd2560e2ec
The validation of server responses avoids out of boundary accesses.
...
From Tobias Stoeckmann / Xorg Securiry adrvisory Oct 4, 2016.
2016-10-04 14:56:37 +00:00
okan
27f67406f3
Remove support vax and XENOCARA_HAVE_SHARED_LIBS scaffolding.
...
ok matthieu@
2016-03-11 13:09:42 +00:00
matthieu
8252bb00ee
update to libX11 1.6.3
2015-04-06 20:57:55 +00:00
matthieu
936b4cf06e
Fix bad merges.
2015-01-01 17:37:52 +00:00
schwarze
01412a19db
fix wrong name in .TH, NAME, and SYNOPSIS (obviously bad pastos...)
...
ok matthieu@
2014-12-09 09:29:52 +00:00
matthieu
8c1effea43
Update to libX11 1.6.2. No API change.
2013-09-28 17:03:13 +00:00
matthieu
ce84febd9d
Update to libX11 1.6.1.
2013-08-26 19:57:22 +00:00
matthieu
acee5d3c07
Repair guenther's damage that I didn't ok.
2013-08-13 18:52:10 +00:00
guenther
426afb6384
Bump major on libX11-xcb to match the 64bit time_t change
2013-08-13 08:01:13 +00:00
guenther
b5bb12998e
Bump the major on every single base library. There are a couple
...
not bumped by this that will be corrected soon.
heavy lifting by todd@
2013-08-13 07:07:07 +00:00
matthieu
4b8a5f471a
Update to libX11 1.6.0
2013-06-04 03:19:34 +00:00
matthieu
9573aeb427
Update to libX11 1.5.99.902 aka 1.6rc2
2013-05-31 21:17:09 +00:00
matthieu
52f6d0ba20
Merge upstream fixes for several X libs vulnerabilities
...
discovered by Ilja van Sprundel.
CVE-2013-1981 X.org libX11 1.5.99.901 (1.6 RC1) integer overflows
CVE-2013-1982 X.org libXext 1.3.1 integer overflows
CVE-2013-1983 X.org libXfixes 5.0 integer overflows
CVE-2013-1984 X.org libXi 1.7.1 integer overflows
CVE-2013-1985 X.org libXinerama 1.1.2 integer overflows
CVE-2013-1986 X.org libXrandr 1.4.0 integer overflows
CVE-2013-1987 X.org libXrender 0.9.7 integer overflows
CVE-2013-1988 X.org libXRes 1.0.6 integer overflows
CVE-2013-1989 X.org libXv 1.0.7 integer overflows
CVE-2013-1990 X.org libXvMC 1.0.7 integer overflows
CVE-2013-1991 X.org libXxf86dga 1.1.3 integer overflows
CVE-2013-1992 X.org libdmx 1.1.2 integer overflows
CVE-2013-1994 X.org libchromeXvMC & libchromeXvMCPro in openChrome
0.3.2 integer overflows
CVE-2013-1995 X.org libXi 1.7.1 sign extension issues
CVE-2013-1996 X.org libFS 1.0.4 sign extension issues
CVE-2013-1997 X.org libX11 1.5.99.901 (1.6 RC1) buffer overflows
CVE-2013-1998 X.org libXi 1.7.1 buffer overflows
CVE-2013-1999 X.org libXvMC 1.0.7 buffer overflows
CVE-2013-2000 X.org libXxf86dga 1.1.3 buffer overflows
CVE-2013-2001 X.org libXxf86vm 1.1.2 buffer overflows
CVE-2013-2002 X.org libXt 1.1.3 buffer overflows
CVE-2013-2003 X.org libXcursor 1.1.13 integer overflows
CVE-2013-2004 X.org libX11 1.5.99.901 (1.6 RC1) unbounded recursion
CVE-2013-2005 X.org libXt 1.1.3 memory corruption
CVE-2013-2066 X.org libXv 1.0.7 buffer overflows
2013-05-23 22:42:07 +00:00
matthieu
f2c99c06c2
Update to libX11 1.6RC. No bump needed.
2013-04-28 16:55:55 +00:00
matthieu
be4020d279
Update to libX11 1.5.0
2012-06-11 19:18:54 +00:00
matthieu
08ecf5f3a3
Upate to libX11 1.5rc1. Tested by krw@, mpi@, shadchin@.
2012-03-27 19:19:37 +00:00
matthieu
f476ec5831
Fix _Xthr_once_stub_() to call the init routine for each different id.
...
With tweaks from and ok ariane@
2011-09-19 20:21:37 +00:00
matthieu
5577d754a3
Update to libX11 1.4.4. Tested by ajacoutot@, shadchin@.
2011-08-27 15:34:14 +00:00
dcoppa
651d3577d4
Fix libpthread linkage
...
OK matthieu@
2011-07-14 12:33:19 +00:00
matthieu
8cc0378bfd
Update to libX11 1.4.3 which was released during the 1.4.2 tests.
...
Mostly churn in the doc build system, which is disabled on Xenocara
for now.
2011-05-30 20:52:47 +00:00
matthieu
d6643088f7
those files were added by mistake. remove them
2011-05-30 20:48:00 +00:00
matthieu
857c658f08
Update to libx11 1.4.2. Tested by ajacoutot@, jasper@ krw@, landry@,
...
shadchin@ on various architectures.
Bump major.
2011-05-30 19:19:29 +00:00
matthieu
7ae39052df
xcb is no longer optional.
2011-03-08 20:48:59 +00:00
matthieu
54c946e7c3
Explicitely disable groff.
2010-10-22 19:50:32 +00:00
matthieu
502b62f99f
Update to libX11 1.3.6.
...
Tested by ajacoutot@, jasper@ and krw@.
2010-10-05 19:50:57 +00:00
matthieu
a6c32b4cbf
Add 2 missed files in previous update to libX11 1.3.5.
2010-09-04 10:36:30 +00:00
matthieu
6c940574a9
Update to libX11 1.3.5
2010-09-04 10:33:11 +00:00
matthieu
71cc7797d8
Disable the compose cache code.
...
It can't be used without proper libc locale support.
2010-06-01 05:26:44 +00:00
matthieu
aa3c9f9344
Update to libX11 1.3.3. Tested on a bulk ports build by naddy@.
2010-05-18 19:37:28 +00:00
matthieu
7edc2b5a56
Enable XCB on architectures with shared libs.
...
requested by sthen@.
2009-08-04 15:45:41 +00:00
matthieu
1793e9a798
Fix building without xcb. Found by david@. Thanks.
2009-06-04 16:36:07 +00:00
matthieu
72b4e41b8f
if XENOCARA_BUILD_XCB is set, build the XCB version of libX11.
2009-06-04 00:13:56 +00:00
matthieu
be2770bef1
Use XENOCARA_HAVE_SHARED_LIBS from bsd.xconf.mk instead of hard-coding
...
the list here.
2009-06-03 23:56:07 +00:00
matthieu
8bb5fd8a8f
update to libX11 1.2.1
2009-05-03 12:59:09 +00:00
matthieu
8d46f8e4f0
Update to libX11 1.1.4. I've carefully checked that there's no API/ABI
...
change in this version. Only small bug fixes, manual page fixes and
some more data in the i18n tables.
2008-06-11 20:55:41 +00:00
matthieu
f01cdd7229
- actually zero the memory returned by realloc().
...
- set the return value for the pthread_once() stub.
2008-06-10 22:01:31 +00:00
oga
eb88ad3f01
Include stdlib.h so we have the prototype for realloc. This means that we don't
...
assume realloc returns an int. This causes problems...
This took me hours to find.
Ok matthieu@.
2008-06-10 21:24:16 +00:00
matthieu
42f2fadde6
pthread_key_create(3) explicitely says that the value associated
...
with a new key is NULL. So set the allocated memory to zero.
2008-04-17 20:25:05 +00:00
matthieu
08aaed925b
- get rid of recalloc() that got introduced here.
...
- while there fix the computation of the new allocated size.
Issue reported by naddy@, ok naddy@.
2008-03-30 15:54:33 +00:00
naddy
e4bcb354a2
Fix segfaults if you use XDM-AUTHORIZATION-1 authorization keys for
...
remote X11 clients over IPv6. ok matthieu@
2008-03-18 15:50:38 +00:00
matthieu
7830df18ed
Regen with autoconf 2.59-p2, with AM_SANITY check zapped.
2008-03-15 18:08:24 +00:00
miod
c6e9e7751a
Disable loadable cursor on m88k systems (no shared libraries).
2008-02-14 20:28:10 +00:00
matthieu
bfba922c91
Re-enable pthread support in libGL, by providing proper weak stubs in
...
libX11 (together with other pthread stubs, already there for libX11).
ok kurt@, art@, kettenis@
2007-11-26 15:10:19 +00:00
matthieu
5f86a80368
Merge libX11 1.1.3
...
bump major
2007-09-30 10:35:10 +00:00
matthieu
a72daf0a1a
libX11 1.1.3
2007-09-30 10:11:57 +00:00
matthieu
8370179c25
regen
2007-07-29 10:50:16 +00:00
matthieu
930101c636
regen with libtool 1.5.22p10 and metaauto 0.7
2007-04-14 20:44:09 +00:00
todd
d943586aca
libX11 CVE-2007-1667
...
Multiple integer overflows in the XGetPixel() and XInitImage functions
in ImUtil.c
from matthieu@
2007-04-04 02:52:41 +00:00
matthieu
77cb7f251b
Revert local debug stuff that wasn't meant to be committed.
2007-03-25 13:22:40 +00:00