SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libXfont-devel-1.5.4-8.1.x86_64.rpm :

* Tue Nov 28 2017 sndirschAATTsuse.com- Update to release 1.5.4
* Open files with O_NOFOLLOW. (CVE-2017-16611, bsc#1050459)
* Fri Oct 20 2017 sndirschAATTsuse.com- Update to release 1.5.3
* Check for end of string in PatternMatch (CVE-2017-13720)
* pcfGetProperties: Check string boundaries (CVE-2017-13722)
* Tue May 30 2017 sndirschAATTsuse.com- includes everything needed for missing sle issue entries: fate #320388 (bsc#1041641) boo#958383, bnc#921978, bnc#857544 (bsc#1041641) CVE-2015-1802, CVE-2015-1803, CVE-2015-1804 (bsc#1041641) CVE-2014-0209, CVE-2014-0210, CVE-2014-0211 (bsc#1041641)
* Thu Sep 22 2016 sndirschAATTsuse.com- Update to release 1.5.2 Maintenance branch release, primarily for bdftopcf\'s benefit as it\'s the only thing that really needs the Xfont1 API. (xfs uses it too, I believe, but could be ported to Xfont2). If someone wanted to step up and merge Xfont1 into bdtopcf directly, that\'d be great.- supersedes U_bdfReadCharacters-Allow-negative-DWIDTH-values.patch
* Tue Dec 08 2015 eichAATTsuse.com- U_bdfReadCharacters-Allow-negative-DWIDTH-values.patch Negative DWIDTH is legal. This was broken by the fix for CVE-2015-1804. Fixed upstream with commit 1a73d6 (boo#958383).
* Wed Mar 18 2015 sndirschAATTsuse.com- Update to release 1.5.1
* This release of libXfont provides the fixes for the security advisory about BDF font parsing bugs (CVE-2015-1802, CVE-2015-1803, CVE-2015-1804)
* Mon Jul 21 2014 sndirschAATTsuse.com- Update to final release 1.5.0
* no changes since 1.4.99.901
* Wed Jul 09 2014 sndirschAATTsuse.com- Update to version 1.4.99.901
* This is a release candidate of libXfont 1.5.0 - please test and report any issues found, so we can have a final/stable release soon to go with the xorg-server 1.16 release.
*
*IMPORTANT
* This release works with fontsproto 2.1.3 or later and is for use with the upcoming release of xorg-server 1.16 and later. It will
*not
* work with older versions of fontsproto or xorg-server (prior to 1.15.99.901).
* This release includes all the security & bug fixes from libXfont 1.4.8, plus these additional significant changes: - Support for SNF font format (deprecated since X11R5 in 1991) is now disabled by default at build time. For now, adding - -enable-snfformat to configure flags may re-enable it, but support may be fully removed in future libXfont releases. - Many compiler warnings cleaned up, including some which required API changes around type declarations (const char
*, Pointer, etc.). - README file expanded to explain all the different formats/ options.- supersedes patches:
* U_0001-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch
* U_0002-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch
* U_0003-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch
* U_0004-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch
* U_0005-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch
* U_0006-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch
* U_0007-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch
* U_0008-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs.patch
* U_0009-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch
* U_0010-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch
* U_0011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch
* U_0012-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch- added baselibs.conf as source to spec file
* Mon May 19 2014 msrbAATTsuse.com- U_0001-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch, U_0002-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch, U_0003-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch, U_0004-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch, U_0005-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch, U_0006-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch, U_0007-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch, U_0008-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs.patch, U_0009-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch, U_0010-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch, U_0011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch, U_0012-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch
* Security fixes. (CVE-2014-0209, CVE-2014-0210, CVE-2014-0211, bnc#857544)
* Tue Mar 18 2014 sndirschAATTsuse.com- update to current git commit a96cc1f to match current fontsproto git sources
  
ICM