summaryrefslogtreecommitdiff
path: root/lib/libXv
AgeCommit message (Collapse)Author
2023-07-03remove file missed in previous commitMatthieu Herrb
2023-07-03Update to libXv 1.0.12Matthieu Herrb
2016-11-03Update to libXv 1.0.11Matthieu Herrb
2016-10-11regenMatthieu Herrb
2016-10-04Protocol handling issues in libXvMatthieu Herrb
The Xv query functions for adaptors and encodings suffer from out of boundary accesses if a hostile X server sends a maliciously crafted response. A previous fix already checks the received length against fixed values but ignores additional length specifications which are stored inside the received data. These lengths are accessed in a for-loop. The easiest way to guarantee a correct processing is by validating all lengths against the remaining size left before accessing referenced memory. This makes the previously applied check obsolete, therefore I removed it. From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016
2015-05-10No NEWS is good NEWS - remove a bunch of files not present upstreams anymoreMatthieu Herrb
2013-09-28Update to libXv 1.0.10Matthieu Herrb
2013-08-18Fix a number of merge issues accumulated over the yearsMatthieu Herrb
- INSTALL often got doubled by patch - empty AUTHORS files didn't get removed.
2013-08-13Bump the major on every single base library. There are a couplePhilip Guenther
not bumped by this that will be corrected soon. heavy lifting by todd@
2013-06-23Update to libXv 1.0.9Matthieu Herrb
2013-06-01Update to libXv 1.0.8Matthieu Herrb
2013-05-23Merge upstream fixes for several X libs vulnerabilitiesMatthieu Herrb
discovered by Ilja van Sprundel. CVE-2013-1981 X.org libX11 1.5.99.901 (1.6 RC1) integer overflows CVE-2013-1982 X.org libXext 1.3.1 integer overflows CVE-2013-1983 X.org libXfixes 5.0 integer overflows CVE-2013-1984 X.org libXi 1.7.1 integer overflows CVE-2013-1985 X.org libXinerama 1.1.2 integer overflows CVE-2013-1986 X.org libXrandr 1.4.0 integer overflows CVE-2013-1987 X.org libXrender 0.9.7 integer overflows CVE-2013-1988 X.org libXRes 1.0.6 integer overflows CVE-2013-1989 X.org libXv 1.0.7 integer overflows CVE-2013-1990 X.org libXvMC 1.0.7 integer overflows CVE-2013-1991 X.org libXxf86dga 1.1.3 integer overflows CVE-2013-1992 X.org libdmx 1.1.2 integer overflows CVE-2013-1994 X.org libchromeXvMC & libchromeXvMCPro in openChrome 0.3.2 integer overflows CVE-2013-1995 X.org libXi 1.7.1 sign extension issues CVE-2013-1996 X.org libFS 1.0.4 sign extension issues CVE-2013-1997 X.org libX11 1.5.99.901 (1.6 RC1) buffer overflows CVE-2013-1998 X.org libXi 1.7.1 buffer overflows CVE-2013-1999 X.org libXvMC 1.0.7 buffer overflows CVE-2013-2000 X.org libXxf86dga 1.1.3 buffer overflows CVE-2013-2001 X.org libXxf86vm 1.1.2 buffer overflows CVE-2013-2002 X.org libXt 1.1.3 buffer overflows CVE-2013-2003 X.org libXcursor 1.1.13 integer overflows CVE-2013-2004 X.org libX11 1.5.99.901 (1.6 RC1) unbounded recursion CVE-2013-2005 X.org libXt 1.1.3 memory corruption CVE-2013-2066 X.org libXv 1.0.7 buffer overflows
2012-03-14Regen with util-macros 1.17. Fixes configure on landisk (and probably theMatthieu Herrb
other gcc3 architectures).
2012-03-10Update to libXv 1.0.7Matthieu Herrb
2010-10-31Update to libXv 1.0.6. No functional change.Matthieu Herrb
2009-10-31update to libXv 1.0.5Matthieu Herrb
2008-05-24update to libXv 1.0.4Matthieu Herrb
2008-03-15Regen with autoconf 2.59-p2, with AM_SANITY check zapped.Matthieu Herrb
2007-07-29regenMatthieu Herrb
2007-04-14regen with libtool 1.5.22p10 and metaauto 0.7Matthieu Herrb
2007-03-25regen with libtool 1.5.22p9Matthieu Herrb
2007-03-18regen with automake 1.9.6p2Matthieu Herrb
2007-03-15regenMatthieu Herrb
2007-03-15Bump major of shared libs that depend on libX11 (which already got bumped).Matthieu Herrb
ok todd@
2006-12-17regenMatthieu Herrb
2006-11-28regenMatthieu Herrb
2006-11-28Try to prevent endless regeneration of Makefile.in caused to RCS Id expansion.Matthieu Herrb
2006-11-27regenerate with OpenBSD autotoolsMatthieu Herrb
2006-11-26regen with OpenBSD autotoolsMatthieu Herrb
2006-11-26Build infrastructure for libMatthieu Herrb
2006-11-25import from X.Org 7.2RC2Matthieu Herrb