Module Name: src
Committed By: snj
Date: Tue Mar 17 18:44:37 UTC 2015
Modified Files:
src/doc [netbsd-5-2]: CHANGES-5.2.4
Log Message:
1953
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.20 -r1.1.2.21 src/doc/CHANGES-5.2.4
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-5.2.4
diff -u src/doc/CHANGES-5.2.4:1.1.2.20 src/doc/CHANGES-5.2.4:1.1.2.21
--- src/doc/CHANGES-5.2.4:1.1.2.20 Mon Mar 16 21:21:50 2015
+++ src/doc/CHANGES-5.2.4 Tue Mar 17 18:44:37 2015
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-5.2.4,v 1.1.2.20 2015/03/16 21:21:50 bouyer Exp $
+# $NetBSD: CHANGES-5.2.4,v 1.1.2.21 2015/03/17 18:44:37 snj Exp $
A complete list of changes from the NetBSD 5.2.3 release to the NetBSD 5.2.4
release:
@@ -2556,3 +2556,12 @@ distrib/utils/x_gzip/Makefile patch
Sync gzip core with HEAD.
[mrg, ticket #1951]
+xsrc/external/mit/libXfont/dist/src/bitmap/bdfread.c patch
+xsrc/xfree/xc/lib/font/bitmap/bdfread.c patch
+
+ Fix CVE-2015-1802 (bdfReadProperties: property count needs
+ range check), CVE-2015-1803 (bdfReadCharacters: bailout if a
+ char's bitmap cannot be read), and CVE-2015-1804
+ (bdfReadCharacters: ensure metrics fit into xCharInfo struct)
+ [mrg, ticket #1953]
+
