libX11: Changes to 'refs/tags/libX11-1.5.99.902'
Alan Coopersmith
alanc at kemper.freedesktop.org
Thu May 23 19:55:04 PDT 2013
Tag 'libX11-1.5.99.902' created by Alan Coopersmith <alan.coopersmith at oracle.com> at 2013-05-24 03:54 -0700
libX11-1.5.99.902
Changes since libX11-1.5.99.901:
Alan Coopersmith (41):
Move big request comment in XOpenDisplay to the right place
Move repeated #ifdef magic to find PATH_MAX into a common header
Add _XEatDataWords to discard a given number of 32-bit words of reply data
integer overflow in _XQueryFont() on 32-bit platforms [CVE-2013-1981 1/13]
integer overflow in _XF86BigfontQueryFont() [CVE-2013-1981 2/13]
integer overflow in XListFontsWithInfo() [CVE-2013-1981 3/13]
integer overflow in XGetMotionEvents() [CVE-2013-1981 4/13]
integer overflow in XListHosts() [CVE-2013-1981 5/13]
unvalidated lengths in XAllocColorCells() [CVE-2013-1997 1/15]
unvalidated index in _XkbReadGetDeviceInfoReply() [CVE-2013-1997 2/15]
unvalidated indexes in _XkbReadGeomShapes() [CVE-2013-1997 3/15]
unvalidated indexes in _XkbReadGetGeometryReply() [CVE-2013-1997 4/15]
unvalidated index in _XkbReadKeySyms() [CVE-2013-1997 5/15]
unvalidated index in _XkbReadKeyActions() [CVE-2013-1997 6/15]
unvalidated index in _XkbReadKeyBehaviors() [CVE-2013-1997 7/15]
unvalidated index in _XkbReadModifierMap() [CVE-2013-1997 8/15]
unvalidated index in _XkbReadExplicitComponents() [CVE-2013-1997 9/15]
unvalidated index in _XkbReadVirtualModMap() [CVE-2013-1997 10/15]
unvalidated index/length in _XkbReadGetNamesReply() [CVE-2013-1997 11/15]
unvalidated length in _XimXGetReadData() [CVE-2013-1997 12/15]
Integer overflows in stringSectionSize() cause buffer overflow in ReadColornameDB() [CVE-2013-1981 6/13]
integer overflow in ReadInFile() in Xrm.c [CVE-2013-1981 7/13]
Unbounded recursion in GetDatabase() when parsing include files [CVE-2013-2004 1/2]
Unbounded recursion in _XimParseStringFile() when parsing include files [CVE-2013-2004 2/2]
integer truncation in _XimParseStringFile() [CVE-2013-1981 8/13]
integer overflows in TransFileName() [CVE-2013-1981 9/13]
integer overflow in XGetWindowProperty() [CVE-2013-1981 10/13]
integer overflow in XGetImage() [CVE-2013-1981 11/13]
integer overflow in XGetPointerMapping() & XGetKeyboardMapping() [CVE-2013-1981 12/13]
integer overflow in XGetModifierMapping() [CVE-2013-1981 13/13]
Avoid overflows in XListFonts() [CVE-2013-1997 13/15]
Avoid overflows in XGetFontPath() [CVE-2013-1997 14/15]
Avoid overflows in XListExtensions() [CVE-2013-1997 15/15]
Make XGetWindowProperty() always initialize returned values
Convert more _XEatData callers to _XEatDataWords
Remove more unnecessary casts from Xmalloc/calloc calls
Use calloc in XOpenDisplay to initialize structs containing pointers
_XkbReadGetMapReply: reject maxKeyCodes smaller than the minKeyCode
Give GNU & Solaris Studio compilers hints about XEatData branches
Free fs->properties in _XF86BigfontQueryFont overflow error path
libX11 1.5.99.902 (1.6 RC2)
Julien Cristau (1):
xkb: fix off-by-one in _XkbReadGetNamesReply and _XkbReadVirtualModMap
Matthieu Herrb (1):
XListFontsWithInfo: Re-decrement flist[0] before calling free() on it.
Niveditha Rau (1):
Make sure internal headers include required headers
Pander (1):
Add compose sequences for JÌ and jÌ.
---
configure.ac | 2
include/X11/Xlibint.h | 18 ++++++
modules/im/ximcp/Makefile.am | 1
modules/im/ximcp/imLcPrs.c | 68 ++++++++++++++++++++------
modules/im/ximcp/imTrX.c | 2
nls/en_US.UTF-8/Compose.pre | 2
src/AllCells.c | 9 ++-
src/Cmap.h | 2
src/Context.c | 8 +--
src/Cr.h | 2
src/CrGC.c | 2
src/Depths.c | 2
src/FSWrap.c | 6 +-
src/Font.c | 90 +++++++++++++++++++++-------------
src/FontInfo.c | 111 ++++++++++++++++++++-----------------------
src/FontNames.c | 35 ++++++++-----
src/GetAtomNm.c | 12 ++--
src/GetDflt.c | 25 ---------
src/GetFPath.c | 36 ++++++++-----
src/GetHints.c | 9 +--
src/GetImage.c | 12 +++-
src/GetMoEv.c | 26 ++++------
src/GetPntMap.c | 31 +++++++-----
src/GetProp.c | 33 ++++++++----
src/GetRGBCMap.c | 3 -
src/ImUtil.c | 6 +-
src/InitExt.c | 4 -
src/IntAtom.c | 6 +-
src/Key.h | 3 +
src/KeyBind.c | 8 +--
src/LiHosts.c | 22 +++++---
src/LiICmaps.c | 8 +--
src/LiProps.c | 8 +--
src/ListExt.c | 36 ++++++++-----
src/Makefile.am | 1
src/ModMap.c | 17 ++++--
src/OpenDis.c | 27 ++++------
src/PixFormats.c | 4 -
src/PolyReg.c | 13 +----
src/PropAlloc.c | 9 +--
src/PutBEvent.c | 2
src/PutImage.c | 13 ++---
src/QuColors.c | 10 +--
src/QuTree.c | 8 +--
src/Quarks.c | 9 +--
src/RdBitF.c | 2
src/Region.c | 19 +++----
src/RegstFlt.c | 4 -
src/SetFPath.c | 2
src/SetHints.c | 6 +-
src/StrToText.c | 2
src/TextToStr.c | 4 -
src/VisUtil.c | 8 +--
src/WrBitF.c | 2
src/Xintatom.h | 1
src/Xintconn.h | 1
src/XlibInt.c | 20 +++----
src/Xprivate.h | 2
src/Xresinternal.h | 2
src/Xrm.c | 50 ++++++++++---------
src/locking.c | 8 +--
src/locking.h | 2
src/pathmax.h | 81 +++++++++++++++++++++++++++++++
src/udcInf.c | 9 +--
src/xcb_io.c | 17 ++++++
src/xcms/cmsColNm.c | 27 ++++++++--
src/xkb/XKBExtDev.c | 6 ++
src/xkb/XKBGeom.c | 15 ++++-
src/xkb/XKBGetMap.c | 33 +++++++++++-
src/xkb/XKBNames.c | 2
src/xlibi18n/lcFile.c | 24 ---------
71 files changed, 679 insertions(+), 431 deletions(-)
---
More information about the xorg-commit
mailing list