summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2014-05-18Update to fontconfig 2.11.1. Tested by shadchin@Matthieu Herrb
2014-05-13Security fixes from X.Org Advisory:Matthieu Herrb
X Font Service Protocol & Font metadata file handling issues in libXfont May 13, 2014 - CVE-2014-0209: integer overflow of allocations in font metadata file parsing When a local user who is already authenticated to the X server adds a new directory to the font path, the X server calls libXfont to open the fonts.dir and fonts.alias files in that directory and add entries to the font tables for every line in it. A large file (~2-4 gb) could cause the allocations to overflow, and allow the remaining data read from the file to overwrite other memory in the heap. Affected functions: FontFileAddEntry(), lexAlias() - CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies When parsing replies received from the font server, these calls do not check that the lengths and/or indexes returned by the font server are within the size of the reply or the bounds of the memory allocated to store the data, so could write past the bounds of allocated memory when storing the returned data. Affected functions: _fs_recv_conn_setup(), fs_read_open_font(), fs_read_query_info(), fs_read_extent_info(), fs_read_glyphs(), fs_read_list(), fs_read_list_info() - CVE-2014-0211: integer overflows calculating memory needs for xfs replies These calls do not check that their calculations for how much memory is needed to handle the returned data have not overflowed, so can result in allocating too little memory and then writing the returned data past the end of the allocated buffer. Affected functions: fs_get_reply(), fs_alloc_glyphs(), fs_read_extent_info() Reported by Ilja van Sprundel of IOActive Fixes by Alan Coopersmith of Oracle
2014-05-13update to libdrm 2.4.54Jonathan Gray
ok matthieu@
2014-05-09Update to libXi 1.7.2.Matthieu Herrb
Tested by ajacoutot@ against gnome.
2014-05-03Update to libFS 1.0.6.Matthieu Herrb
2014-04-20sync LLVM_VERSION with the llvm port.Jonathan Gray
2014-04-15unbreak: le32toh() is letoh32() here.David Coppa
ok matthieu@
2014-04-14Update list of xcb libs to buildMatthieu Herrb
2014-04-14Import xcb-util-wm 0.4.1Matthieu Herrb
2014-04-14Update xcb-util-renderutil 0.3.8Matthieu Herrb
2014-04-14Import xcb-util-keysyms 0.3.9Matthieu Herrb
2014-04-14Import xcb-util-image 0.3.9Matthieu Herrb
2014-04-14Import xcb-util-cursor 0.1.1 Matthieu Herrb
2014-04-14Update xcb-utils to 0.3.9. Tested by naddy@, shadchin@ and ajacoutot@Matthieu Herrb
who I forgot to thank for testing libxcb-1.10 too.
2014-04-14Update build system and generated files for libxcb 1.10.Matthieu Herrb
2009-05-23build system for xcb-utilMatthieu Herrb
2014-04-13Update to xtrans 1.3.4Matthieu Herrb
2014-04-11update to libdrm 2.4.53Jonathan Gray
For us the only code change is some new radeon_drm.h defines as the xf86drmMode.c change is ifdef __FreeBSD__.
2014-03-31Increase the send buffer for UNIX sockets to be at least 64k such that largeMark Kettenis
sends (for example, XGetImage() replies in the X server) happen at non-glacial speeds. Makes Firefox useable again on web pages with large images. Already pushed upstream. ok matthieu@
2014-03-15Revert previous. This was not part of our local changes and theMatthieu Herrb
commit wasn't approved. The correct fix is in ../../Makefile
2014-03-15Fix freetype-config after update to freetype 2.5.3. reported by nigel@Matthieu Herrb
2014-03-15(re)fix freetype-config too.David Coppa
Spotted by nigel@
2014-03-15update to libdrm 2.4.52Jonathan Gray
ok matthieu@
2014-03-14Revert to the freetype2.pc we had before.David Coppa
There were local changes and I accidentally removed them. ok matthieu@ Sorry for breaking the xenocara tree!
2014-03-14Security/bugfixing update to freetype-2.5.3, featuring a fix for aDavid Coppa
vulnerability in the CFF driver (CVE-2014-2240) and assorted minor fixes. ok matthieu@
2006-11-25Import freetype 2.2.1Matthieu Herrb
2014-02-20We don't need the VGA arbiter if direct hardware access has been disabled.Mark Kettenis
ok matthieu@
2014-02-16type1cid.c appears twice in sources lists for no reason. Noticed by miod@Matthieu Herrb
2014-02-15If opening /dev/pciN read-write fails, try opening it read-only. This allowsMark Kettenis
X to run with machdep.allowaperture=0 on inteldrm(4) and radeondrm(4). ok matthieu@
2014-01-19Mesa 9.2.5Jonathan Gray
2014-01-18Update libdrm to 2.4.51.Jonathan Gray
ok mpi@ kettenis@
2014-01-12Update to freetype 2.5.2.Matthieu Herrb
With help for handling ports breakage from at least landry@, naddy@, ajacoutot@, jasper@, and dcoppa@. Thanks to all. Need an up to date /etc/mtree/BSD.x11.dist (from a base system build) before building.
2006-11-25Import freetype 2.2.1Matthieu Herrb
2014-01-11m68k needs libGL compiled with -fPICMiod Vallat
2014-01-07Update to libXfont 1.4.7. Include fix for CVE-2013-6462.Matthieu Herrb
unlimited sscanf overflows stack buffer in bdfReadCharacters
2014-01-03MFC: Use FT_*_H macros instead of including <freetype/*.h>Matthieu Herrb
freetype moved its headers around in 2.5.1.
2014-01-03Update to libpciacces 0.13.2.Matthieu Herrb
2013-12-30Remove the atexit() hack from OpenGL driversMatthieu Herrb
now that atexit() is behaving like on Linux. ok matthew@, millert@, dcoppa@, miod@
2013-12-26regen ChangeLog for pixman 0.32.4Matthieu Herrb
This file is empty in upstreams tarballs. sigh.
2013-12-01Update to pixman 0.32.4. Tested by naddy@ and ajacoutot@Matthieu Herrb
2013-11-24Mesa 9.2.3Jonathan Gray
2013-11-21update to libdrm 2.4.47Mark Kettenis
ok mpi@, jsg@
2013-11-09Mesa 9.2.2Jonathan Gray
2013-10-20Use arc4random()Matthieu Herrb
2013-10-20Reduce diff with upstreams.Matthieu Herrb
2013-10-10Update to freetype 2.5.0.1. Tested by many.Matthieu Herrb
2006-11-25Import freetype 2.2.1Matthieu Herrb
2013-10-05regen for Mesa 9.2.1Jonathan Gray
2013-09-28Update to libXv 1.0.10Matthieu Herrb
2013-09-28Update to libXrandr 1.4.2Matthieu Herrb
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-04 03:00:48 +0000