Matthieu Herrb (1):
xrdb 1.2.1
Tobias Stoeckmann (1):
Fix out of boundary read.
Walter Harms (3):
Add actual querying capabilities
XFree() can handle NULL arg
fix assignment discards ‘const’ qualifier
git tag: xrdb-1.2.1
https://xorg.freedesktop.org/archive
with dist-hook to generate from git log
Fix commit 08c9daab3a0b3ef37723c007858fa949cb91bbd8
Keith Packard (1):
Use XResQueryClientIds to get pid instead of window property
Kevin Ryde (1):
In xrestop_client_get_info() show xrestop's own pid.
Matthieu Herrb (7):
U
x in comment
Gaurav Ujjwal (1):
Fix out-of-bound access in KeySymToUcs4()
Matthieu Herrb (2):
Reject string longer than USHRT_MAX before sending them on the wire
Version 1.7.1
Walter Harms (8):
FIX: warning: macro `Pn' not defined
FIX: warning: macro `hN' not
vulnerability has been discovered by Roman Fiedler from
Unparalleled IT Services e.U.
--
Matthieu Herrb
signature.asc
Description: PGP signature
___
xorg-announce mailing list
xorg-announce@lists.x.org
https://lists.x.org/mailman/listinfo/xorg-announce
vulnerabilities have been discovered by Jan-Niklas Sohn working
with Trend Micro Zero Day Initiative.
--
Matthieu Herrb
signature.asc
Description: PGP signature
___
xorg-announce mailing list
xorg-announce@lists.x.org
https://lists.x.org/mailman/listinfo/xorg
SetDeviceIndicators() heap overflows
ZDI-CAN 11389 / CVE-2020-25712
Thanks
==
These vulnerabilities have been discovered by Jan-Niklas Sohn working
with Trend Micro Zero Day Initiative.
--
Matthieu Herrb
___
xorg-announce mailing list
xorg-announce
24acad216aa0fc2ac451c67b2b86db057a032050
Fix XRecordRegisterClients() Integer underflow
CVE-2020-14362 ZDI-CAN-11574
Thanks
==
These vulnerabilities have beend discovered by Jan-Niklas Sohn working
with Trend Micro Zero Day Initiative.
--
Matthieu Herrb
signature.asc
Description: PGP
Christopher Chavez (1):
Fix typo GCCLipYOrigin -> GCClipYOrigin in XCreateGC() manpage
Felix Yan (1):
Correct a typo in GetStCmap.c
Matthieu Herrb (2):
Fix an integer overflow in init_om()
libX11 1.6.12
Maya Rashish (1):
Avoid the use of "register&quo
020-14363
This can lead to a double free later, as reported by Jayden Rivers.
Thanks
--
X.Org thanks Jayden Rivers for reporting this issue to our security
team and assisting them in understanding them and providing fixes.
--
Matthieu Herrb
signature.asc
Description:
Adam Jackson (1):
Fix XTS regression in XCopyColormapAndFree
Alan Coopersmith (1):
Fix spelling/wording issues
Alex Henrie (1):
Handle small final sigma in XConvertCase
Marko Myllynen (1):
Update Finnish compose sequences for SFS 5966:2019 standard
Matthieu Herrb (2
rruption.
Thanks
==
X.Org thanks Todd Carson for reporting these issues to our security
team and assisting them in understanding them and providing fixes.
--
Matthieu Herrb
signature.asc
Description: PGP signature
___
xorg-announce mailing list
xorg-
n NullPixmap;
Thanks
==
This vulnerability was discovered by Jan-Niklas Sohn working with
Trend Micro Zero Day Initiative.
--
Matthieu Herrb
signature.asc
Description: PGP signature
___
xorg-announce mailing list
xorg-announce@lists.x.org
https:/
d reported the issue,
and the Red Hat Product Security Team who helped understand all
impacts.
--
Matthieu Herrb
signature.asc
Description: PGP signature
___
xorg-announce mailing list
xorg-announce@lists.x.org
https://lists.x.org/mailman/listinfo/xorg-announce
Alan Coopersmith (1):
Stop compiling empty sm_auth.c stub
Emil Velikov (1):
autogen.sh: use quoted string variables
Fab (1):
Fix callbacks signatures in libSM documentation
Jon TURNEY (1):
Include unistd.h for getpid()
Matthieu Herrb (3):
Fix uuid_to_string(3
Prop.c:140
Martin Natano (1):
Don't rebuild ks_tables.h if nothing changed.
Matthieu Herrb (2):
Remove statement with no effect.
libX11 1.6.6
Michal Srb (1):
Use flexible array member instead of fake size.
Ryan C. Gordon (1):
Valgrind fix for XStoreColor and XStoreC
X.Org security advisory: August 21, 2018
Multiple issues in libX11
=
The functions XGetFontPath, XListExtensions and XListFonts from libX11
are vulnerable to three different issues:
Off-by-one writes (CVE-2018-14599).
---
The functions XGe
Matthieu Herrb (1):
libXfont 1.5.4
Michal Srb (1):
Open files with O_NOFOLLOW. (CVE-2017-16611)
git tag: libXfont-1.5.4
https://xorg.freedesktop.org/archive/individual/lib/libXfont-1.5.4.tar.bz2
MD5: 16eaf156edd79b68038b6a7c44aa9e9b libXfont-1.5.4.tar.bz2
SHA1
Matthieu Herrb (1):
libXfont2 2.0.3
Michal Srb (1):
Open files with O_NOFOLLOW. (CVE-2017-16611)
git tag: libXfont2-2.0.3
https://xorg.freedesktop.org/archive/individual/lib/libXfont2-2.0.3.tar.bz2
MD5: b7ca87dfafeb5205b28a1e91ac3efe85 libXfont2-2.0.3.tar.bz2
SHA1
Alan Coopersmith (4):
configure: Drop AM_MAINTAINER_MODE
autogen.sh: Honor NOCONFIGURE=1
Use strdup() instead of malloc(strlen())+strcpy()
Fix some clang integer sign/size mismatch warnings
Emil Velikov (1):
autogen.sh: use quoted string variables
Matthieu Herrb (1
Jörg Sonnenberger (1):
Fix abs() usage.
Matthieu Herrb (1):
libXpm 3.5.12
Tobias Stoeckmann (4):
Fix out out boundary read on unknown colors
Gracefully handle EOF while parsing files.
Avoid OOB write when handling malicious XPM files.
Handle size_t in file
Matthieu Herrb (1):
libXtst 1.2.3
Michael Joost (1):
Remove fallback for _XEatDataWords, require libX11 1.6 for it
Tobias Stoeckmann (1):
Out of boundary access and endless loop in libXtst
git tag: libXtst-1.2.3
https://xorg.freedesktop.org/archive/individual/lib/libXtst
Alan Coopersmith (1):
Fix typo in dependencies for lint library
Matthieu Herrb (1):
libXv 1.0.11
Tobias Stoeckmann (1):
Protocol handling issues in libXv - CVE-2016-5407
git tag: libXv-1.0.11
https://xorg.freedesktop.org/archive/individual/lib/libXv-1.0.11.tar.bz2
MD5
Matthieu Herrb (1):
libXi 1.7.7
Tobias Stoeckmann (1):
Properly validate server responses.
git tag: libXi-1.7.7
https://xorg.freedesktop.org/archive/individual/lib/libXi-1.7.7.tar.bz2
MD5: cc0883a898222d50ff79af3f83595823 libXi-1.7.7.tar.bz2
SHA1
Lauri Kasanen (1):
Fix documentation to explicitly mention premultiplied alpha
Matthieu Herrb (1):
libXrender 0.9.10
Tobias Stoeckmann (2):
Avoid OOB write in XRenderQueryFilters
Validate lengths while parsing server data.
git tag: libXrender-0.9.10
https
Matthieu Herrb (1):
libXvMC 1.0.10
Tobias Stoeckmann (1):
Avoid buffer underflow on empty strings.
git tag: libXvMC-1.0.10
https://xorg.freedesktop.org/archive/individual/lib/libXvMC-1.0.10.tar.bz2
MD5: 4cbe1c1def7a5e1b0ed5fce8e512f4c6 libXvMC-1.0.10.tar.bz2
SHA1
Lauri Kasanen (1):
Fix documentation to explicitly mention premultiplied alpha
Matthieu Herrb (1):
libXrender 0.9.10
Tobias Stoeckmann (2):
Avoid OOB write in XRenderQueryFilters
Validate lengths while parsing server data.
git tag: libXrender-0.9.10
https
Matthieu Herrb (1):
libXfixes 5.0.3
Tobias Stoeckmann (1):
Integer overflow on illegal server response
git tag: libXfixes-5.0.3
https://xorg.freedesktop.org/archive/individual/lib/libXfixes-5.0.3.tar.bz2
MD5: 07e01e046a0215574f36a3aacb148be0 libXfixes-5.0.3.tar.bz2
SHA1
Matthieu Herrb (1):
libXrandr 1.5.1
Tobias Stoeckmann (1):
Avoid out of boundary accesses on illegal responses
walter harms (2):
fix: doGetScreenResources() info: redundant null check on calling free()
fix: redundant null check on calling free()
git tag: libXrandr-1.5.1
Matthieu Herrb (1):
libXi 1.7.7
Tobias Stoeckmann (1):
Properly validate server responses.
git tag: libXi-1.7.7
https://xorg.freedesktop.org/archive/individual/lib/libXi-1.7.7.tar.bz2
MD5: cc0883a898222d50ff79af3f83595823 libXi-1.7.7.tar.bz2
SHA1
languages in Togo
Matthew D. Fuller (1):
Fixup param specification for XChangeProperty()
Matthieu Herrb (1):
libX11 1.6.4
Mike FABIAN (3):
add be_BY.UTF-8@latin and sr_RS.UTF-8@latin to locale.dir
fix spelling mistakes in ks_IN and sd_IN devanagari locales
Fix spellin
s releases from X.Org:
* libX11 1.6.4
* libXfixes 5.0.3
* libXi 1.7.7
* libXrandr 1.5.1
* libXrender 0.9.10
* libXtst 1.2.3
* libXv 1.0.11
* libXvMC 1.0.10
Thanks
X.Org thanks Tobias Stoeckmann for reporting these issues to our
security team and assisting them in understanding them and ev
deprecated AM_CONFIG_HEADER with AC_CONFIG_HEADERS
config: replace deprecated AC_HELP_STRING with AS_HELP_STRING
config: replace deprecated use of AC_OUTPUT with AC_CONFIG_FILES
config: add comments for main statements
Matthieu Herrb (16):
replace XF86Config -> xorg.conf i
32 matches
Mail list logo