xenocara/lib
matthieu ce0f69616f Out of boundary access and endless loop in libXtst
A lack of range checks in libXtst allows out of boundary accesses.
The checks have to be done in-place here, because it cannot be done
without in-depth knowledge of the read data.

If XRecordStartOfData, XRecordEndOfData, or XRecordClientDied
without a client sequence have attached data, an endless loop would
occur. The do-while-loop continues until the current index reaches
the end. But in these cases, the current index would not be
incremented, leading to an endless processing.

From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016
2016-10-04 15:08:08 +00:00
..
fontconfig chown -h symbolic links in conf.d. Needed for noperm release. 2016-10-02 09:19:28 +00:00
freetype just dump the major. freetype changes probably extend beyond just the 2016-08-09 17:41:23 +00:00
libdmx No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libdrm Merge libdrm 2.4.67 2016-03-20 10:41:29 +00:00
libepoxy remove sparc 2016-09-01 10:37:40 +00:00
libfontenc Update to libfontenc 1.1.3 2015-05-10 09:27:16 +00:00
libFS update to libFS 1.0.7 2015-05-10 09:23:34 +00:00
libGLU Update to GLU 9.0.0, GLU was previously part of Mesa but is now seperate. 2013-09-01 03:51:12 +00:00
libGLw Bump the major on every single base library. There are a couple 2013-08-13 07:07:07 +00:00
libICE No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libpciaccess Only include <sys/memrange.h> on i386/amd64 as it really isi 2015-07-07 12:52:54 +00:00
libpthread-stubs Bump the major on every single base library. There are a couple 2013-08-13 07:07:07 +00:00
libSM No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libtxc_dxtn custom is to do NOPROFILE= in X libs, continue this here too 2013-09-05 22:14:39 +00:00
libX11 Validation of server responses in XGetImage() 2016-10-04 14:58:26 +00:00
libXau No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libXaw Fix installation of libXaw.so.15.0 link. 2016-10-02 19:11:16 +00:00
libxcb Update to xcb-proto/libxcb 1.12. "Just commit it" naddy@ 2016-09-02 10:09:43 +00:00
libXcomposite No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libXcursor No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libXdamage Bump the major on every single base library. There are a couple 2013-08-13 07:07:07 +00:00
libXdmcp No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libXext No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libXfixes Integer overflow on illegal server response 2016-10-04 14:59:47 +00:00
libXfont Update to libXfont 1.5.2 2016-09-02 11:00:05 +00:00
libXfontcache Bump the major on every single base library. There are a couple 2013-08-13 07:07:07 +00:00
libXft Bump following freetype update. 2016-05-29 11:59:59 +00:00
libXi Properly validate server responses 2016-10-04 15:01:03 +00:00
libXinerama No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libxkbfile update to libxkbfile 1.0.9 2015-05-10 09:32:36 +00:00
libxkbui Bump the major on every single base library. There are a couple 2013-08-13 07:07:07 +00:00
libXmu No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libXpm Update to libXpm 3.5.11 2013-09-28 17:40:32 +00:00
libXrandr Avoid out of boundary accesses on illegal responses 2016-10-04 15:02:31 +00:00
libXrender Validate lengths while parsing server data. 2016-10-04 15:05:13 +00:00
libXRes remove useless diffs with upstream 2015-05-10 09:39:35 +00:00
libXScrnSaver Set owner and group of the XScreenSaver(3) manpage symlink. 2016-10-02 09:28:53 +00:00
libXt Update to libXt 1.1.5 2015-05-10 09:26:33 +00:00
libxtrans No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libXtst Out of boundary access and endless loop in libXtst 2016-10-04 15:08:08 +00:00
libXv No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libXvMC No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
libXxf86dga Bump the major on every single base library. There are a couple 2013-08-13 07:07:07 +00:00
libXxf86misc Bump the major on every single base library. There are a couple 2013-08-13 07:07:07 +00:00
libXxf86vm update to libXxf86vm 1.1.4 2015-04-06 13:27:36 +00:00
mesa Disable the code that allocates W|X memory. There is fallback code that 2016-07-25 20:12:06 +00:00
pixman revert pixman-vmx.c to the version of pixman-0.32.8. 2016-10-03 06:57:44 +00:00
xcb-util Update to xcb-util 0.4.0 2015-04-06 12:38:11 +00:00
xcb-util-cursor Minor update to xcb-util-cursor-0.1.2 2015-03-30 07:16:53 +00:00
xcb-util-image Update to xcb-util-image 0.4.0 2015-04-06 12:39:04 +00:00
xcb-util-keysyms Update to xcb-util-keysyms 0.4.0 2015-04-06 12:39:42 +00:00
xcb-util-renderutil Uodate to xcb-util-renderutil 0.3.9 2014-06-15 09:00:40 +00:00
xcb-util-wm Import xcb-util-wm 0.4.1 2014-04-14 19:31:46 +00:00
Makefile remove XENOCARA_BUILD_PIXMAN all platforms now build pixman 2016-04-01 03:15:15 +00:00