libXpm: Changes to 'refs/tags/libXpm-3.5.17'

GitLab Mirror gitlab-mirror at kemper.freedesktop.org
Tue Oct 3 16:13:18 UTC 2023 

Tag 'libXpm-3.5.17' created by Alan Coopersmith <alan.coopersmith at oracle.com> at 2023-10-03 16:13 +0000

libXpm-3.5.17
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEL328rVsw5mi71RbBz98UiCjGQqcFAmUcPZcACgkQz98UiCjG
QqfTNRAAnsyrLz3dqsIL5BjnAoI+rd/bBk8xxGmoGF3SCKXo2cWYnaspqes5a9qI
QZvS5+YFw7hueVlHkFICkrqBG7GubYj11RFWd+PYHKWw7Zewxb5T82IGPViwd5nS
eMM544Lxxnn86zAGlHVUDM/n0ZUHBiAydyknZ2jm8IxZeCxzeF9bvJqEMaKPFcNI
kErctGUzkQA/xvmUSyboKrK1JkagBvSC2z+kAJUZJSRMNBemL3GVOe0GKbM4+sAq
SU+vZ5L+4SFTa0Ut4iUra6zw3fI+90+sbQsjVz+oDoNt5liOyOYJpi5p6+YdN3bu
I5f6UJLtnqPa9YYSJPp7HK+OXYLPLDEO6wRMatRVQ1z1CsQbSvKAyQjaQRG6Kl8R
kTKR+aT+Hjt94LoyiIGE+2J/Z0FZ0nvhUPdZvNwVWrbB7i4FZgyq0p/Kx4rHFI8Q
RzIDr0/V18Uu80J/IF5lyreY4aCyb6XPhpiA+yeXr59iRYoQdQvt9ezX898u+i0c
rwBH6oxJ4zsb71yhq/Z6pKA2cbl+hB9Tc/yUwNZoJP+UitfxbGcmDO8SQxZgZ4iG
ydxkLufPtqzt2xFMnIPkIYhCopzkFDqocwLY5K4b8yMyizgvjXV15++XCK67vuek
KXBC7tSV0Uj0/OsJzvp0esnL0e+wOUoAgB2VRYDOyq2v4NTHiw8=
=z/2Q
-----END PGP SIGNATURE-----

Changes since libXpm-3.5.16:
Alan Coopersmith (10):
      Set close-on-exec when opening files
      test: use g_pattern_spec_match_string if available
      Explicitly mark non-static symbols as export or hidden
      Fix CVE-2023-43788: Out of bounds read in XpmCreateXpmImageFromBuffer
      test: Add test case for CVE-2023-43789 (corrupt colormap info)
      Fix CVE-2023-43789: Out of bounds read on XPM with corrupted colormap
      test: Add test case for CVE-2023-43786 (stack exhaustion in PutImage)
      Avoid CVE-2023-43786: stack exhaustion in XPutImage()
      test: Add test case for CVE-2023-43787 (integer overflow in XCreateImage)
      libXpm 3.5.17

Yair Mizrahi (1):
      Avoid CVE-2023-43787 (integer overflow in XCreateImage)

---
 configure.ac                                    |    5 
 include/X11/xpm.h                               |    8 
 src/CrPFrBuf.c                                  |   28 +-
 src/CrPFrDat.c                                  |   31 +-
 src/CrPFrI.c                                    |   10 
 src/RdFToBuf.c                                  |    2 
 src/RdFToI.c                                    |    8 
 src/RdFToP.c                                    |   28 +-
 src/WrFFrBuf.c                                  |    2 
 src/WrFFrI.c                                    |    4 
 src/XpmI.h                                      |   77 +++---
 src/create.c                                    |   33 ++
 src/data.c                                      |    6 
 src/rgb.c                                       |    2 
 test/TestAllFiles.h                             |    6 
 test/XpmRead.c                                  |    6 
 test/XpmWrite.c                                 |    6 
 test/pixmaps/README.md                          |   21 +
 test/pixmaps/invalid/corrupt-colormap.xpm       |binary
 test/pixmaps/invalid/width-overflow.xpm         |   31 ++
 test/pixmaps/other/overflow-stackexhaustion.xpm |  277 ++++++++++++++++++++++++
 test/rgb.c                                      |    2 
 22 files changed, 517 insertions(+), 76 deletions(-)
---

More information about the xorg-commit mailing list