[ANNOUNCE] libXvMC 1.0.8
Alan Coopersmith
alan.coopersmith at oracle.com
Thu Jun 13 23:37:40 PDT 2013
libXvMC is the Xlib-based client library for the X-Video Motion Compensation
extension.
This bug fix release provides the fixes for the recently announced security
issues CVE-2013-1990 & CVE-2013-1999, and the fixes for the bugs introduced
in the initial set of patches for those security issues.
Adam Jackson (1):
configure: Remove AM_MAINTAINER_MODE
Alan Coopersmith (6):
Use _XEatDataWords to avoid overflow of rep.length shifting
integer overflow in XvMCListSurfaceTypes() [CVE-2013-1990 1/2]
integer overflow in XvMCListSubpictureTypes() [CVE-2013-1990 2/2]
integer overflow in _xvmc_create_*()
Multiple unvalidated assumptions in XvMCGetDRInfo() [CVE-2013-1999]
libXvMC 1.0.8
Colin Walters (1):
autogen.sh: Implement GNOME Build API
Dave Airlie (1):
Multiple unvalidated patches in CVE-2013-1999
Julien Cristau (1):
avoid overflowing by making nameLen and busIDLen addition overflow
git tag: libXvMC-1.0.8
http://xorg.freedesktop.org/archive/individual/lib/libXvMC-1.0.8.tar.bz2
MD5: 2e4014e9d55c430e307999a6b3dd256d
SHA1: b0fa592cd615aa41290cb8d6f97e6ed53dd21bca
SHA256: 5e1a401efa433f959d41e17932b8c218c56b931348f494b8fa4656d7d798b204
http://xorg.freedesktop.org/archive/individual/lib/libXvMC-1.0.8.tar.gz
MD5: 2dedf01f8c34d086fac285195e3eee2b
SHA1: f5e9ac86576a3f63530ad20bf7d20ddfe007024a
SHA256: a9a294e8fe584363790c6bd49c7de78e5a6ce395a4318ef2790dfb6afa84b631
--
-Alan Coopersmith- alan.coopersmith at oracle.com
Oracle Solaris Engineering - http://blogs.oracle.com/alanc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg/attachments/20130613/a5d8bdd7/attachment.pgp>
More information about the xorg
mailing list