[ANNOUNCE] libXfont 1.4.8

Alan Coopersmith alan.coopersmith at oracle.com
Thu May 15 19:59:16 PDT 2014

libXfont provides the core of the legacy X11 font system, handling the
index files (fonts.dir, fonts.alias, fonts.scale), the various font file
formats, and rasterizing them.   It is used by the X servers, the
X Font Server (xfs), and some font utilities (bdftopcf for instance),
but should not be used by normal X11 clients.  X11 clients access fonts
via either the new API's in libXft, or the legacy API's in libX11.

This release is overflowing with security fixes and code cleanups,
including the fixes for CVE-2014-0209, CVE-2014-0210, & CVE-2014-0211
for the security advisory published earlier this week:

This release works with fontsproto 2.1.2 or earlier and is for use with
the existing stable releases of xorg-server - 1.15 & earlier.

libXfont 1.5 will be released later this year to support fontsproto 2.1.3
and xorg-server 1.16.  It will also change the compile time defaults to stop
building SNF font format support by default, taking the next step in the
deprecation of this file format that was used prior to X11R5, and has been
on the way out since 1991.   In the unlikely event that you still need to
support old SNF format fonts, get in the habit of adding --enable-snfformat
to your configure flags when building.

Alan Coopersmith (24):
      Fix unused variable 'dir' warnings
      Remove redundant declaration of FontFileStartListFonts()
      Initialize (unused) data field in fsListCataloguesReq before sending it.
      Remove redundant setting of 'len' in SPropRecValList_add_by_font_cap
      Correct comment in configure.ac about scalable font support
      Add notes to README about various font formats & configure options
      Add note to README declaring snf fonts to be deprecated
      Check if pointer returned by BufFileCreate is NULL before writing to it
      Require fontsproto < 2.1.3 for matching function prototypes
      Allow enabling src/fc DEBUG helpers via CPPFLAGS
      Clean up warnings when src/fc is built with -DDEBUG
      CVE-2014-0209: integer overflow of realloc() size in FontFileAddEntry()
      CVE-2014-0209: integer overflow of realloc() size in lexAlias()
      CVE-2014-0210: unvalidated length in _fs_recv_conn_setup()
      CVE-2014-0210: unvalidated lengths when reading replies from font server
      CVE-2014-0211: Integer overflow in fs_get_reply/_fs_start_read
      CVE-2014-0210: unvalidated length fields in fs_read_query_info()
      CVE-2014-0211: integer overflow in fs_read_extent_info()
      CVE-2014-0211: integer overflow in fs_alloc_glyphs()
      CVE-2014-0210: unvalidated length fields in fs_read_extent_info()
      CVE-2014-0210: unvalidated length fields in fs_read_glyphs()
      CVE-2014-0210: unvalidated length fields in fs_read_list()
      CVE-2014-0210: unvalidated length fields in fs_read_list_info()
      libXfont 1.4.8

Peter Harris (1):
      Fix buffer read overrun

git tag: libXfont-1.4.8

MD5:  a7cbc4128c244d9c54fdf21cd517ac8c
SHA1: 687746ba7e6d6064cb2b930e2dfe744603a5f85b
SHA256: 5568d4febf790fb250fb8d4ecf1f389a428eb545a79fb2abe9c82f652d14d005

MD5:  a9d9ee8e322a85c24a862bd9b38064a2
SHA1: 8d043e212b174e778ed10958b9ca00e6151e29ac
SHA256: 5fea8a7ac72322646656d5956b664763d824a214f77d5a7b6fdef439ddbfe90d

	-Alan Coopersmith-              alan.coopersmith at oracle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg/attachments/20140515/a38259c3/attachment.sig>

More information about the xorg mailing list