| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-04-25 | Update to libX11 1.7.5. No API / ABI changes. ok tb@ | Matthieu Herrb | |
| 2022-02-21 | Update to libX11 1.7.3.1. ok jsg@ who noticed this requires a major bump. | Matthieu Herrb | |
| 2021-08-30 | Upate to libX11 1.7.2 | Matthieu Herrb | |
| 2021-05-22 | Check strlen(spec) only once at the beginning of XLookupColor(). | Alexander Bluhm | |
| Also remove a superfluous include. This synchronises -current with upstream and the code we shipped in the errata. OK matthieu@ | |||
| 2021-05-18 | Reject string longer than USHRT_MAX before sending them on the wire | Matthieu Herrb | |
| The X protocol uses CARD16 values to represent the length so this would overflow. CVE-2021-31535 | |||
| 2020-11-28 | Update to libX11 1.7.0. Tested by gkoehler@ and jsg@ | Matthieu Herrb | |
| 2020-08-25 | Fix an integer overflow in init_om() that could lead to a double free. | Matthieu Herrb | |
| Reported by Jayden Rivers. | |||
| 2020-08-20 | Fix a bug where some input clients can't connect to the input server. | Matthieu Herrb | |
| FreeBSD bugzilla reference: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248549 | |||
| 2020-08-06 | Merge from upstream X.Org : Fix size calculation in `_XimAttributeToValue` | Matthieu Herrb | |
| The check here guards the read below. For `XimType_XIMStyles`, these are `num` of `CARD32` and for `XimType_XIMHotKeyTriggers` these are `num` of `XIMTRIGGERKEY` ref[1] which is defined as 3 x `CARD32`. (There are data after the `XIMTRIGGERKEY` according to the spec but they are not read by this function and doesn't need to be checked.) The old code here used the native datatype size instead of the wire protocol size causing the check to always fail. Also fix the size calculation for the header (size). It is 2 x CARD16 for both types despite the unused `CARD16` for `XimType_XIMStyles`. This fixes a regression caused by previous commit. | |||
| 2020-07-31 | Fixes for Heap corruption in the X input method client in libX11 | Matthieu Herrb | |
| CVE-2020-14344 These where reported to X.Org and patches proposed by Todd Carson. Thanks. | |||
| 2020-01-04 | Uppdate to libX11 1.6.9. Tested by krw@ and naddy@ | Matthieu Herrb | |
| 2019-09-05 | Fix gcc3 specific error. The diff is based on latest upstream change. | Kenji Aoyama | |
| suggested by jsg@, tested on luna88k by me, ok by jsg@ and matthieu@ | |||
| 2019-08-04 | Update to libX11 1.6.8 riding the major bump caused by xtrans 1.4.0 | Matthieu Herrb | |
| 2019-08-04 | Update to libxtrans 1.4.0. Major bumps for libX11 and libICE. | Matthieu Herrb | |
| no objections from naddy@, espie@ and ajacoutot@ | |||
| 2018-10-20 | Update to libX11 1.6.7 | Matthieu Herrb | |
| 2018-08-23 | Udate to libX11 1.6.6. bug fixes release - no API/ABI changes. | Matthieu Herrb | |
| 2017-10-23 | This file isn't built anymore. So remove diffs with upstreams. | Matthieu Herrb | |
| 2017-02-28 | Update to libX11 1.6.5 | Matthieu Herrb | |
| 2016-11-03 | Update to libX11 1.6.4 | Matthieu Herrb | |
| 2016-11-03 | Remove stale files | Matthieu Herrb | |
| 2016-10-11 | regen | Matthieu Herrb | |
| 2016-10-08 | ks_tables.h is always considered out of date due to the forced rebuild | Martin Natano | |
| of the makekeys util. This means it's also rebuilt during install. First as root during build, later by the BUILDUSER during release, which won't be able to rewrite it, because it's now owned by root. With this result: override rw-r--r-- root/wheel for ks_tables.h? One step closer towards noperm release builds for xenocara. ok matthieu | |||
| 2016-10-04 | Validation of server responses in XGetImage() | Matthieu Herrb | |
| Check if enough bytes were received for specified image type and geometry. Otherwise GetPixel and other functions could trigger an out of boundary read later on. From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016 | |||
| 2016-10-04 | The validation of server responses avoids out of boundary accesses. | Matthieu Herrb | |
| From Tobias Stoeckmann / Xorg Securiry adrvisory Oct 4, 2016. | |||
| 2016-03-11 | Remove support vax and XENOCARA_HAVE_SHARED_LIBS scaffolding. | Okan Demirmen | |
| ok matthieu@ | |||
| 2015-04-06 | update to libX11 1.6.3 | Matthieu Herrb | |
| 2015-01-01 | Fix bad merges. | Matthieu Herrb | |
| 2014-12-09 | fix wrong name in .TH, NAME, and SYNOPSIS (obviously bad pastos...) | Ingo Schwarze | |
| ok matthieu@ | |||
| 2013-09-28 | Update to libX11 1.6.2. No API change. | Matthieu Herrb | |
| 2013-08-26 | Update to libX11 1.6.1. | Matthieu Herrb | |
| 2013-08-13 | Repair guenther's damage that I didn't ok. | Matthieu Herrb | |
| 2013-08-13 | Bump major on libX11-xcb to match the 64bit time_t change | Philip Guenther | |
| 2013-08-13 | Bump the major on every single base library. There are a couple | Philip Guenther | |
| not bumped by this that will be corrected soon. heavy lifting by todd@ | |||
| 2013-06-04 | Update to libX11 1.6.0 | Matthieu Herrb | |
| 2013-05-31 | Update to libX11 1.5.99.902 aka 1.6rc2 | Matthieu Herrb | |
| 2013-05-23 | Merge upstream fixes for several X libs vulnerabilities | Matthieu Herrb | |
| discovered by Ilja van Sprundel. CVE-2013-1981 X.org libX11 1.5.99.901 (1.6 RC1) integer overflows CVE-2013-1982 X.org libXext 1.3.1 integer overflows CVE-2013-1983 X.org libXfixes 5.0 integer overflows CVE-2013-1984 X.org libXi 1.7.1 integer overflows CVE-2013-1985 X.org libXinerama 1.1.2 integer overflows CVE-2013-1986 X.org libXrandr 1.4.0 integer overflows CVE-2013-1987 X.org libXrender 0.9.7 integer overflows CVE-2013-1988 X.org libXRes 1.0.6 integer overflows CVE-2013-1989 X.org libXv 1.0.7 integer overflows CVE-2013-1990 X.org libXvMC 1.0.7 integer overflows CVE-2013-1991 X.org libXxf86dga 1.1.3 integer overflows CVE-2013-1992 X.org libdmx 1.1.2 integer overflows CVE-2013-1994 X.org libchromeXvMC & libchromeXvMCPro in openChrome 0.3.2 integer overflows CVE-2013-1995 X.org libXi 1.7.1 sign extension issues CVE-2013-1996 X.org libFS 1.0.4 sign extension issues CVE-2013-1997 X.org libX11 1.5.99.901 (1.6 RC1) buffer overflows CVE-2013-1998 X.org libXi 1.7.1 buffer overflows CVE-2013-1999 X.org libXvMC 1.0.7 buffer overflows CVE-2013-2000 X.org libXxf86dga 1.1.3 buffer overflows CVE-2013-2001 X.org libXxf86vm 1.1.2 buffer overflows CVE-2013-2002 X.org libXt 1.1.3 buffer overflows CVE-2013-2003 X.org libXcursor 1.1.13 integer overflows CVE-2013-2004 X.org libX11 1.5.99.901 (1.6 RC1) unbounded recursion CVE-2013-2005 X.org libXt 1.1.3 memory corruption CVE-2013-2066 X.org libXv 1.0.7 buffer overflows | |||
| 2013-04-28 | Update to libX11 1.6RC. No bump needed. | Matthieu Herrb | |
| 2012-06-11 | Update to libX11 1.5.0 | Matthieu Herrb | |
| 2012-03-27 | Upate to libX11 1.5rc1. Tested by krw@, mpi@, shadchin@. | Matthieu Herrb | |
| 2011-09-19 | Fix _Xthr_once_stub_() to call the init routine for each different id. | Matthieu Herrb | |
| With tweaks from and ok ariane@ | |||
| 2011-08-27 | Update to libX11 1.4.4. Tested by ajacoutot@, shadchin@. | Matthieu Herrb | |
| 2011-07-14 | Fix libpthread linkage | David Coppa | |
| OK matthieu@ | |||
| 2011-05-30 | Update to libX11 1.4.3 which was released during the 1.4.2 tests. | Matthieu Herrb | |
| Mostly churn in the doc build system, which is disabled on Xenocara for now. | |||
| 2011-05-30 | those files were added by mistake. remove them | Matthieu Herrb | |
| 2011-05-30 | Update to libx11 1.4.2. Tested by ajacoutot@, jasper@ krw@, landry@, | Matthieu Herrb | |
| shadchin@ on various architectures. Bump major. | |||
| 2011-03-08 | xcb is no longer optional. | Matthieu Herrb | |
| 2010-10-22 | Explicitely disable groff. | Matthieu Herrb | |
| 2010-10-05 | Update to libX11 1.3.6. | Matthieu Herrb | |
| Tested by ajacoutot@, jasper@ and krw@. | |||
| 2010-09-04 | Add 2 missed files in previous update to libX11 1.3.5. | Matthieu Herrb | |
| 2010-09-04 | Update to libX11 1.3.5 | Matthieu Herrb | |
 |
index : xenocara | |
| Xenocara |
| summaryrefslogtreecommitdiff |