Changelog for
libX11-debugsource-1.6.5-150000.3.33.1.x86_64.rpm :
* Wed Sep 27 2023 sndirschAATTsuse.com- U_0001-CVE-2023-43785-out-of-bounds-memory-access-in-_XkbRe.patch U_0002-CVE-2023-43786-stack-exhaustion-from-infinite-recurs.patch U_0003-XPutImage-clip-images-to-maximum-height-width-allowe.patch U_0004-XCreatePixmap-trigger-BadValue-error-for-out-of-rang.patch U_0005-CVE-2023-43787-Integer-overflow-in-XCreateImage-lead.patch
* CVE-2023-43785 libX11: out-of-bounds memory access in _XkbReadKeySyms() (boo#1215683)
* CVE-2023-43786 libX11: stack exhaustion from infinite recursion in PutSubImage() (boo#1215684)
* CVE-2023-43787 libX11: integer overflow in XCreateImage() leading to a heap overflow (boo#1215685)
* Mon Jun 12 2023 sndirschAATTsuse.com- U_InitExt.c-Add-bounds-checks-for-extension-request-ev.patch
* Buffer overflows in InitExt.c (boo#1212102, CVE-2023-3138)
* Fri Mar 03 2023 sndirschAATTsuse.com- U_Don-t-try-to-destroy-NULL-condition-variables.patch
* fixes regression introduced with security update for CVE-2022-3555 (bsc#1204425, bsc#1208881)
* Wed Oct 19 2022 sndirschAATTsuse.com- U_fix-a-memory-leak-in-XRegisterIMInstantiateCallback.patch
* security update for CVE-2022-3554 (bsc#1204422)- U_Fix-two-memory-leaks-in-_XFreeX11XCBStructure.patch
* security update for CVE-2022-3555 (bsc#1204425)
* Mon May 31 2021 sndirschAATTsuse.com- redone U_CVE-2021-31535.patch due to regressions (boo#1186643)
* fixes segfaults for xforms applications like fdesign
* Mon May 17 2021 sndirschAATTsuse.com- U_CVE-2021-31535.patch
* adds missing request length checks in libX11 (CVE-2021-31535, bsc#1182506)
* Wed Feb 10 2021 sndirschAATTsuse.com- U_0001-_XIOError-dpy-will-never-return-so-remore-dead.patch U_0002-remove-empty-line.patch U_0003-poll_for_response-Call-poll_for_event-again-if-xcb_p.patch U_0004-poll_for_event-Allow-using-xcb_poll_for_queued_event.patch U_0005-Prepare-for-_XIOError-possibly-returning.patch U_0006-Fix-poll_for_response-race-condition.patch
* fixes a race condition in libX11 that causes various applications to crash randomly (boo#1181963)- refreshed U_0001-Fix-an-integer-overflow-in-init_om.patch
* Tue Aug 25 2020 sndirschAATTsuse.com- U_0001-Fix-an-integer-overflow-in-init_om.patch
* Fix an integer overflow in init_om() [CVE-2020-14363, boo#1175239]
* Tue Aug 04 2020 tiwaiAATTsuse.de- U_006-Fix-size-calculation-in-_XimAttributeToValue.patch:
* Regression fix in previous XIM client head overflow fixes (CVE-2020-14344, bsc#1174628)
* Thu Jul 30 2020 sndirschAATTsuse.com- U_001-ChangeTheData_lenParameterOf_XimAttributeToValueToCARD16.patch, U_002-FixIntegerOverflowsIn_XimAttributeToValue.patch, U_003-FixMoreUncheckedLengths.patch, U_004-FixSignedLengthValuesIn_XimGetAttributeID.patch, U_005-ZeroOutBuffersInFunctions.patch,
* XIM client heap overflows (CVE-2020-14344, bsc#1174628)
* Tue Jul 24 2018 sndirschAATTsuse.com- u_off-by-one-write-in-XListExtensions.patch
* fixes off-by-one write in XListExtensions (bsc#1102062, CVE-2018-14599)- u_out-of-boundary-write-in-XListExtensions.patch
* fixes out of boundary write in XListExtensions (bsc#1102068, CVE-2018-14600)- u_crash-on-invalid-reply-in-XListExtensions.patch
* crash on invalid reply in XListExtensions (bsc#1102073, CVE-2018-14598)
* Wed Mar 01 2017 tobias.johannes.klausmannAATTmni.thm.de- Update to version 1.6.5: + Revert \"Compose sequences for rouble sign\" + specs/libX11: More synopsis fixes + specs/libX11: Fix paramdef entries listing multiple parameters + specs/libX11: Make paramdef spacing more consistent + specs/libX11: Add missing parameter types for XGetWindowProperty() + specs/libX11: Fix broken synopsis for Data/Data16/Data32 + specs/libX11: Update Portability Considerations for the 21st century + autogen.sh: use quoted string variables + Plug a memory leak + Fix wrong Xfree in XListFonts failure path + Typos in \"Xlib - C Language X Interface\" document - Chapter 02 + autogen: add default patch prefix + Compose sequences for rouble sign + autogen.sh: use exec instead of waiting for configure to finish + Revert cs_CZ.UTF-8 XLC_LOCALE to en_US.UTF-8- supersedes u_nls-fix-handling-of-cs_CZ.UTF8_locale.patch
* Tue Nov 08 2016 sndirschAATTsuse.com- u_nls-fix-handling-of-cs_CZ.UTF8_locale.patch
* refix cs_CZ.UTF-locale (boo#1008951, fdo#81875, fdo#98219)
* Sat Nov 05 2016 jengelhAATTinai.de- Run fdupes over at least the manpages
* Sat Oct 29 2016 tobias.johannes.klausmannAATTmni.thm.de- Update to version 1.6.4: + Move Compose \\ o / to be with other emoji compose sequences + Replace Xmalloc+memset pairs with Xcalloc calls + Remove unused definition of XCONN_CHECK_FREQ + Bug 93184: read_EncodingInfo invalid free + Bug 93183: _XDefaultOpenIM memory leaks in out-of-memory error paths + Use strdup instead of Xmalloc+strcpy in _XDefaultOpenIM + XDefaultOMIF: replace strlen+Xmalloc+strcpy with strdup, code simplification + XlcDL.c: replace strcpy+strcat sequences with snprintf + XlcDL.c: reduce code duplication + lcPubWrap: replace malloc(strlen) + strcpy with strdup + Stop checking XTRANS_SECURE_RPC_FLAGS since we no longer use them + Stop checking for preferred order of local transports + Don\'t need to link libX11-xcb against libX11 + xcms: use size_t for strlen/sizeof values instead of converting to int & back + xcms: use unsigned indexes when looping through unsigned values + xcms: use size_t for pointer offsets passed to strncmp + omGeneric.c: Correct the parameter usage of sizeof + fix for Xlib 32-bit request number issues + Add Compose sequence for U+1F4A9. + Xlib.h: Fix macros imitating C functions. + Add compose file for pt_PT similar to pt_BR + Mark _XNextRequest as hidden + New compose keys for local languages in Togo + Fixup param specification for XChangeProperty()- Package changes: + Remove upstream patch U_fix_for_Xlib_32-bit_request_number_issues.patch
* Mon Nov 23 2015 msrbAATTsuse.com- U_fix_for_Xlib_32-bit_request_number_issues.patch
* Fix for overflow of requet number on 32bit platforms. (bnc#845916)
* Thu Mar 12 2015 sndirschAATTsuse.com- marked baselibs.conf as source file in specfile
* Wed Mar 11 2015 tobias.johannes.klausmannAATTmni.thm.de- Update to version 1.6.3: This release of libX11 looks bigger than it is, due to a lot of spec/doc cleanup work that doesn\'t affect the code itself. There is still a good deal of bug fixes, code cleanup, locale improvements, and compose key table additions, including new UTF-8 compose sequences for: +
: \"\" U20b9 # INDIAN RUPEE SIGN + : \"Ș\" U0218 # LATIN CAPITAL LETTER S WITH COMMA BELOW + : \"ș\" U0219 # LATIN SMALL LETTER S WITH COMMA BELOW + : \"Ț\" U021A # LATIN CAPITAL LETTER T WITH COMMA BELOW + : \"ț\" U021B # LATIN SMALL LETTER T WITH COMMA BELOW + : \"\" U1F595 # REVERSED HAND WITH MIDDLE FINGER EXTENDED + : \"\" U1F596 # RAISED HAND WITH PART BETWEEN MIDDLE AND RING FINGERS- Changes to package: + remove Patch16: U_nls-en_US.UTF-8-Compose.pre-Fix-typo.patch