SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libXpm4-32bit-3.5.12-150000.3.10.1.x86_64.rpm :

* Wed Sep 27 2023 sndirschAATTsuse.com- U_0000-test-Add-unit-tests-using-glib-framework.patch U_0001-Fix-CVE-2023-43788-Out-of-bounds-read-in-XpmCreateXp.patch U_0002-test-Add-test-case-for-CVE-2023-43789-corrupt-colorm.patch U_0003-Fix-CVE-2023-43789-Out-of-bounds-read-on-XPM-with-co.patch
* fixes CVE-2023-43788 libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() (boo#1215686)
* fixes CVE-2023-43789 libXpm: out of bounds read on XPM with corrupted colormap (boo#1215687)- U_0004-test-Add-test-case-for-CVE-2023-43786-stack-exhausti.patch U_0005-Avoid-CVE-2023-43786-stack-exhaustion-in-XPutImage.patch U_0006-test-Add-test-case-for-CVE-2023-43787-integer-overfl.patch U_0007-Avoid-CVE-2023-43787-integer-overflow-in-XCreateImag.patch
* avoids to trigger CVE-2023-43786,CVE-2023-43787 (boo#1215684, boo#1215685); see changelog in libX11 update ...
* Tue Jan 17 2023 sndirschAATTsuse.com- U_regression2-bug1207029_1207030_1207031.patch
* second regression fix: Use gzip -d instead of gunzip
* Fri Jan 13 2023 sndirschAATTsuse.com- U_regression-bug1207029_1207030_1207031.patch
* regression fix for above patches
* Wed Jan 11 2023 sndirschAATTsuse.com- U_0000-Update-README-for-gitlab-migration.patch
* needed by U_0001-configure-add-disable-open-zfile-instead-of-requirin.patch- U_0001-configure-add-disable-open-zfile-instead-of-requirin.patch
* needed by U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch- U_0002-Fix-CVE-2022-46285-Infinite-loop-on-unclosed-comment.patch
* libXpm: Infinite loop on unclosed comments (CVE-2022-46285, bsc#1207029)- U_0004-Fix-CVE-2022-44617-Runaway-loop-with-width-of-0-and-.patch
* libXpm: Runaway loop on width of 0 and enormous height (CVE-2022-44617, bsc#1207030)- U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch
* libXpm: compression commands depend on $PATH (CVE-2022-4883, bsc#1207031)
* Sun Jan 01 2017 sndirschAATTsuse.com- added baselibs.conf as source in specfile
* Sun Jan 01 2017 sndirschAATTsuse.com- Update to version 3.5.12:
* Fix abs() usage.
* Fix out out boundary read on unknown colors
* Gracefully handle EOF while parsing files.
* Avoid OOB write when handling malicious XPM files.
* Handle size_t in file/buffer length
* Thu Sep 12 2013 zaitorAATTopensuse.org- Update to version 3.5.11: + Fix typo in COPYING (matches src/amigax.h). + Add noreturn attributes suggested by gcc. + Doclifter can\'t handle more than one dash in a name line. + Fix libXpm build with NO_ZPIPE. + Added \'const\' attribute to all filename arguments in the API. + Added \'const\' qualifier to the filename argument to internal functions. + Close fd if fdopen() or xpmPipeThrough() fails in OpenWriteFile(). + autogen.sh: Implement GNOME Build API. + configure: Remove AM_MAINTAINER_MODE. + Define NO_ZPIPE when building for MinGW.
* Sun Feb 17 2013 jengelhAATTinai.de- Use more robust make install call
* Wed Apr 11 2012 vuntzAATTopensuse.org- Update to version 3.5.10: + Compiler warning fixes + Janitorial cleanups + Build configuration improvements
* Sun Feb 12 2012 jengelhAATTmedozas.de- Rename xorg-x11-libXpm to libXpm and utilize shlib policy
  
ICM