matthieu
fd18c20e72
regen
2016-10-11 22:14:30 +00:00
matthieu
1e4e5956d0
Protocol handling issues in libXv
...
The Xv query functions for adaptors and encodings suffer from out of boundary
accesses if a hostile X server sends a maliciously crafted response.
A previous fix already checks the received length against fixed values but
ignores additional length specifications which are stored inside the received
data.
These lengths are accessed in a for-loop. The easiest way to guarantee a
correct processing is by validating all lengths against the remaining size
left before accessing referenced memory.
This makes the previously applied check obsolete, therefore I removed it.
From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016
2016-10-04 15:09:40 +00:00
matthieu
eb9a486a3e
No NEWS is good NEWS - remove a bunch of files not present upstreams anymore
2015-05-10 09:51:55 +00:00
matthieu
f0a97458d0
Update to libXv 1.0.10
2013-09-28 17:51:20 +00:00
matthieu
61e2983c70
Fix a number of merge issues accumulated over the years
...
- INSTALL often got doubled by patch
- empty AUTHORS files didn't get removed.
2013-08-18 06:20:12 +00:00
guenther
b5bb12998e
Bump the major on every single base library. There are a couple
...
not bumped by this that will be corrected soon.
heavy lifting by todd@
2013-08-13 07:07:07 +00:00
matthieu
459e6d66cd
Update to libXv 1.0.9
2013-06-23 09:51:37 +00:00
matthieu
00c93c34f7
Update to libXv 1.0.8
2013-06-01 14:31:20 +00:00
matthieu
52f6d0ba20
Merge upstream fixes for several X libs vulnerabilities
...
discovered by Ilja van Sprundel.
CVE-2013-1981 X.org libX11 1.5.99.901 (1.6 RC1) integer overflows
CVE-2013-1982 X.org libXext 1.3.1 integer overflows
CVE-2013-1983 X.org libXfixes 5.0 integer overflows
CVE-2013-1984 X.org libXi 1.7.1 integer overflows
CVE-2013-1985 X.org libXinerama 1.1.2 integer overflows
CVE-2013-1986 X.org libXrandr 1.4.0 integer overflows
CVE-2013-1987 X.org libXrender 0.9.7 integer overflows
CVE-2013-1988 X.org libXRes 1.0.6 integer overflows
CVE-2013-1989 X.org libXv 1.0.7 integer overflows
CVE-2013-1990 X.org libXvMC 1.0.7 integer overflows
CVE-2013-1991 X.org libXxf86dga 1.1.3 integer overflows
CVE-2013-1992 X.org libdmx 1.1.2 integer overflows
CVE-2013-1994 X.org libchromeXvMC & libchromeXvMCPro in openChrome
0.3.2 integer overflows
CVE-2013-1995 X.org libXi 1.7.1 sign extension issues
CVE-2013-1996 X.org libFS 1.0.4 sign extension issues
CVE-2013-1997 X.org libX11 1.5.99.901 (1.6 RC1) buffer overflows
CVE-2013-1998 X.org libXi 1.7.1 buffer overflows
CVE-2013-1999 X.org libXvMC 1.0.7 buffer overflows
CVE-2013-2000 X.org libXxf86dga 1.1.3 buffer overflows
CVE-2013-2001 X.org libXxf86vm 1.1.2 buffer overflows
CVE-2013-2002 X.org libXt 1.1.3 buffer overflows
CVE-2013-2003 X.org libXcursor 1.1.13 integer overflows
CVE-2013-2004 X.org libX11 1.5.99.901 (1.6 RC1) unbounded recursion
CVE-2013-2005 X.org libXt 1.1.3 memory corruption
CVE-2013-2066 X.org libXv 1.0.7 buffer overflows
2013-05-23 22:42:07 +00:00
matthieu
26866f3012
Regen with util-macros 1.17. Fixes configure on landisk (and probably the
...
other gcc3 architectures).
2012-03-14 11:24:40 +00:00
matthieu
6938d0cb86
Update to libXv 1.0.7
2012-03-10 16:59:02 +00:00
matthieu
6e83747cf4
Update to libXv 1.0.6. No functional change.
2010-10-31 16:30:04 +00:00
matthieu
03c653d165
update to libXv 1.0.5
2009-10-31 18:54:56 +00:00
matthieu
a8393f0f0c
update to libXv 1.0.4
2008-05-24 13:46:47 +00:00
matthieu
7830df18ed
Regen with autoconf 2.59-p2, with AM_SANITY check zapped.
2008-03-15 18:08:24 +00:00
matthieu
8370179c25
regen
2007-07-29 10:50:16 +00:00
matthieu
930101c636
regen with libtool 1.5.22p10 and metaauto 0.7
2007-04-14 20:44:09 +00:00
matthieu
00a847b3f8
regen with libtool 1.5.22p9
2007-03-25 13:02:54 +00:00
matthieu
6637a9a36e
regen with automake 1.9.6p2
2007-03-18 22:29:12 +00:00
matthieu
5954aa6578
regen
2007-03-15 23:28:08 +00:00
matthieu
854f5def06
Bump major of shared libs that depend on libX11 (which already got bumped).
...
ok todd@
2007-03-15 23:00:47 +00:00
matthieu
8efe7f4fcd
regen
2006-12-17 10:50:47 +00:00
matthieu
1dab55791e
libXv 1.0.3
2006-12-17 10:48:31 +00:00
matthieu
cd9eb53273
regen
2006-11-28 19:02:33 +00:00
matthieu
b6a46a2b93
Try to prevent endless regeneration of Makefile.in caused to RCS Id expansion.
2006-11-28 11:48:11 +00:00
matthieu
882dc8459e
regenerate with OpenBSD autotools
2006-11-27 12:40:38 +00:00
matthieu
e5ca1d526f
regen with OpenBSD autotools
2006-11-26 13:42:42 +00:00
matthieu
ab5c078d6e
Build infrastructure for lib
2006-11-26 12:07:34 +00:00
matthieu
799832a039
import from X.Org 7.2RC2
2006-11-25 18:01:46 +00:00