Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-10-11 | regen | Matthieu Herrb | |
2016-10-04 | Integer overflow on illegal server response | Matthieu Herrb | |
The 32 bit field "rep.length" is not checked for validity, which allows an integer overflow on 32 bit systems. A malicious server could send INT_MAX as length, which gets multiplied by the size of XRectangle. In that case the client won't read the whole data from server, getting out of sync. From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016 | |||
2016-08-06 | Update to libXfixes 5.0.2. No functional changes. | Matthieu Herrb | |
2013-07-10 | Remove a merge artifact. | Brandon Mercer | |
OK matthieu | |||
2013-05-31 | Update to libXfixes 5.0.1 | Matthieu Herrb | |
2013-05-23 | Merge upstream fixes for several X libs vulnerabilities | Matthieu Herrb | |
discovered by Ilja van Sprundel. CVE-2013-1981 X.org libX11 1.5.99.901 (1.6 RC1) integer overflows CVE-2013-1982 X.org libXext 1.3.1 integer overflows CVE-2013-1983 X.org libXfixes 5.0 integer overflows CVE-2013-1984 X.org libXi 1.7.1 integer overflows CVE-2013-1985 X.org libXinerama 1.1.2 integer overflows CVE-2013-1986 X.org libXrandr 1.4.0 integer overflows CVE-2013-1987 X.org libXrender 0.9.7 integer overflows CVE-2013-1988 X.org libXRes 1.0.6 integer overflows CVE-2013-1989 X.org libXv 1.0.7 integer overflows CVE-2013-1990 X.org libXvMC 1.0.7 integer overflows CVE-2013-1991 X.org libXxf86dga 1.1.3 integer overflows CVE-2013-1992 X.org libdmx 1.1.2 integer overflows CVE-2013-1994 X.org libchromeXvMC & libchromeXvMCPro in openChrome 0.3.2 integer overflows CVE-2013-1995 X.org libXi 1.7.1 sign extension issues CVE-2013-1996 X.org libFS 1.0.4 sign extension issues CVE-2013-1997 X.org libX11 1.5.99.901 (1.6 RC1) buffer overflows CVE-2013-1998 X.org libXi 1.7.1 buffer overflows CVE-2013-1999 X.org libXvMC 1.0.7 buffer overflows CVE-2013-2000 X.org libXxf86dga 1.1.3 buffer overflows CVE-2013-2001 X.org libXxf86vm 1.1.2 buffer overflows CVE-2013-2002 X.org libXt 1.1.3 buffer overflows CVE-2013-2003 X.org libXcursor 1.1.13 integer overflows CVE-2013-2004 X.org libX11 1.5.99.901 (1.6 RC1) unbounded recursion CVE-2013-2005 X.org libXt 1.1.3 memory corruption CVE-2013-2066 X.org libXv 1.0.7 buffer overflows | |||
2013-05-02 | Remove white space only diff with upstreams | Matthieu Herrb | |
2011-04-17 | Update to libXfixes 5.0 | Matthieu Herrb | |
2010-07-17 | Update to libXfixes 4.0.5 | Matthieu Herrb | |
2009-10-31 | update to libXfixes 4.0.4 | Matthieu Herrb | |
2007-03-18 | regen with automake 1.9.6p2 | Matthieu Herrb | |
2006-11-26 | regen with OpenBSD autotools | Matthieu Herrb | |
2006-11-25 | import from X.Org 7.2RC1 | Matthieu Herrb | |