Update to libXv 1.0.11

5 files changed, 55 insertions, 13 deletions

diff --git a/lib/libXv/ChangeLog b/lib/libXv/ChangeLog
index b8c4e8844..8afa56a81 100644
--- a/lib/libXv/ChangeLog
+++ b/lib/libXv/ChangeLog
@@ -1,3 +1,45 @@
+commit ef2a282876acc2316d338f8b66344ad5a2947057
+Author: Matthieu Herrb <matthieu.herrb@laas.fr>
+Date:   Tue Oct 4 21:29:55 2016 +0200
+
+    libXv 1.0.11
+    
+    Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
+
+commit d9da580b46a28ab497de2e94fdc7b9ff953dab17
+Author: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date:   Sun Sep 25 21:30:03 2016 +0200
+
+    Protocol handling issues in libXv - CVE-2016-5407
+    
+    The Xv query functions for adaptors and encodings suffer from out of
+    boundary accesses if a hostile X server sends a maliciously crafted
+    response.
+    
+    A previous fix already checks the received length against fixed values
+    but ignores additional length specifications which are stored inside
+    the received data.
+    
+    These lengths are accessed in a for-loop. The easiest way to guarantee
+    a correct processing is by validating all lengths against the
+    remaining size left before accessing referenced memory.
+    
+    This makes the previously applied check obsolete, therefore I removed
+    it.
+    
+    Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
+    Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
+
+commit cf8cc328f1e370a548b71581bada7e1ee073c756
+Author: Alan Coopersmith <alan.coopersmith@oracle.com>
+Date:   Sat Jul 26 14:07:26 2014 -0700
+
+    Fix typo in dependencies for lint library
+    
+    Breaks out of tree lintlib builds by causing VPATH lookup to fail.
+    
+    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+
 commit 736d7ac5a94c7aa6761d50ab58339a3d9a116c51
 Author: Alan Coopersmith <alan.coopersmith@oracle.com>
 Date:   Sat Sep 7 22:19:48 2013 -0700
diff --git a/lib/libXv/configure b/lib/libXv/configure
index b3403043d..bb3e032ed 100644
--- a/lib/libXv/configure
+++ b/lib/libXv/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for libXv 1.0.10.
+# Generated by GNU Autoconf 2.69 for libXv 1.0.11.
 #
 # Report bugs to <https://bugs.freedesktop.org/enter_bug.cgi?product=xorg>.
 #
@@ -591,8 +591,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='libXv'
 PACKAGE_TARNAME='libXv'
-PACKAGE_VERSION='1.0.10'
-PACKAGE_STRING='libXv 1.0.10'
+PACKAGE_VERSION='1.0.11'
+PACKAGE_STRING='libXv 1.0.11'
 PACKAGE_BUGREPORT='https://bugs.freedesktop.org/enter_bug.cgi?product=xorg'
 PACKAGE_URL=''
 
@@ -1361,7 +1361,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures libXv 1.0.10 to adapt to many kinds of systems.
+\`configure' configures libXv 1.0.11 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1431,7 +1431,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of libXv 1.0.10:";;
+     short | recursive ) echo "Configuration of libXv 1.0.11:";;
    esac
   cat <<\_ACEOF
 
@@ -1559,7 +1559,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-libXv configure 1.0.10
+libXv configure 1.0.11
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1883,7 +1883,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by libXv $as_me 1.0.10, which was
+It was created by libXv $as_me 1.0.11, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2712,7 +2712,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='libXv'
- VERSION='1.0.10'
+ VERSION='1.0.11'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -18385,7 +18385,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by libXv $as_me 1.0.10, which was
+This file was extended by libXv $as_me 1.0.11, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -18451,7 +18451,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-libXv config.status 1.0.10
+libXv config.status 1.0.11
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff --git a/lib/libXv/configure.ac b/lib/libXv/configure.ac
index 4d651b557..4e68999e6 100644
--- a/lib/libXv/configure.ac
+++ b/lib/libXv/configure.ac
@@ -22,7 +22,7 @@
 
 # Initialize Autoconf
 AC_PREREQ([2.60])
-AC_INIT([libXv], [1.0.10],
+AC_INIT([libXv], [1.0.11],
         [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [libXv])
 AC_CONFIG_SRCDIR([Makefile.am])
 AC_CONFIG_HEADERS([config.h])
diff --git a/lib/libXv/src/Makefile.am b/lib/libXv/src/Makefile.am
index 094847433..06e9ffd0d 100644
--- a/lib/libXv/src/Makefile.am
+++ b/lib/libXv/src/Makefile.am
@@ -23,7 +23,7 @@ lintlibdir = $(libdir)
 
 lintlib_DATA = $(LINTLIB)
 
-$(LINTLIB): $(libXau_la_SOURCES)
+$(LINTLIB): $(libXv_la_SOURCES)
 	$(LINT) -y -oXv -x $(ALL_LINT_FLAGS) $(libXv_la_SOURCES)
 
 CLEANFILES = $(LINTLIB)
diff --git a/lib/libXv/src/Makefile.in b/lib/libXv/src/Makefile.in
index 89f7dd709..1534a5e88 100644
--- a/lib/libXv/src/Makefile.in
+++ b/lib/libXv/src/Makefile.in
@@ -659,7 +659,7 @@ uninstall-am: uninstall-libLTLIBRARIES uninstall-lintlibDATA
 @LINT_TRUE@lint:
 @LINT_TRUE@	$(LINT) $(ALL_LINT_FLAGS) $(libXv_la_SOURCES) $(XV_LIBS)
 
-@MAKE_LINT_LIB_TRUE@$(LINTLIB): $(libXau_la_SOURCES)
+@MAKE_LINT_LIB_TRUE@$(LINTLIB): $(libXv_la_SOURCES)
 @MAKE_LINT_LIB_TRUE@	$(LINT) -y -oXv -x $(ALL_LINT_FLAGS) $(libXv_la_SOURCES)
 
 # Tell versions [3.59,3.63) of GNU make to not export all variables.