Ubuntu
libx11 package

Change logs for libx11 source package in Lunar

  1. Lunar (23.04)
  2. Change log 
  • libx11 (2:1.8.4-2ubuntu0.3) lunar-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds memory access in _XkbReadKeySyms()
    - d/p/0001-CVE-2023-43785-out-of-bounds-memory-access-in-_XkbRe.patch
    - CVE-2023-43785
  * SECURITY UPDATE: stack exhaustion from infinite recursion in
    PutSubImage()
    - d/p/0002-CVE-2023-43786-stack-exhaustion-from-infinite-recurs.patch
    - d/p/0003-XPutImage-clip-images-to-maximum-height-width-allowe.patch
    - CVE-2023-43786
  * SECURITY UPDATE: integer overflow in XCreateImage() leading to a heap
    overflow
    - d/p/0004-XCreatePixmap-trigger-BadValue-error-for-out-of-rang.patch
    - d/p/0005-CVE-2023-43787-Integer-overflow-in-XCreateImage-lead.patch
    - CVE-2023-43787

 -- Marc Deslauriers <email address hidden>  Mon, 02 Oct 2023 15:07:04 -0400
  • libx11 (2:1.8.4-2ubuntu0.2) lunar-security; urgency=medium

  * SECURITY UPDATE: multiple buffer overflows
    - debian/patches/CVE-2023-3138.patch: add bounds checks for extension
      request, event, & error codes in src/InitExt.c.
    - CVE-2023-3138

 -- Marc Deslauriers <email address hidden>  Tue, 13 Jun 2023 07:24:29 -0400
  • libx11 (2:1.8.4-2) unstable; urgency=medium

  * rules: Drop --disable-thread-safety-constructor again.

 -- Timo Aaltonen <email address hidden>  Mon, 27 Feb 2023 20:31:15 +0200
  • libx11 (2:1.8.3-3) unstable; urgency=medium

  * Revert yet another commit causing regressions. (Closes: #1026809)

 -- Timo Aaltonen <email address hidden>  Fri, 23 Dec 2022 12:57:26 +0200
  • libx11 (2:1.8.3-2) unstable; urgency=medium

  [ Debian Janitor ]
  * Remove constraints unnecessary since buster (oldstable):
    + Build-Depends: Drop versioned constraint on dpkg-dev, libxcb1-dev and
      xutils-dev.
    + Build-Depends-Indep: Drop versioned constraint on xorg-sgml-doctools.
    + libx11-data: Drop versioned constraint on libx11-6 in Breaks.
    + libx11-dev: Drop versioned constraint on libxau-dev and libxdmcp-dev in
      Depends.
    + libx11-xcb-dev: Drop versioned constraint on libxcb1-dev in Depends.
    + libx11-doc: Drop versioned constraint on libx11-dev in Replaces.
    + libx11-doc: Drop versioned constraint on libx11-dev in Breaks.

  [ Timo Aaltonen ]
  * patches: Revert four commits to fix a regression which is still
    unfixed.
  * rules: Add --disable-thread-safety-constructor again.
  * rules: NEWS got removed, don't try to install it.
  * symbols: Updated.

 -- Timo Aaltonen <email address hidden>  Tue, 20 Dec 2022 17:02:56 +0200
  • libx11 (2:1.8.1-2) unstable; urgency=medium

  * rules: Disable thread safety constructor. (Closes: #1016363)

 -- Timo Aaltonen <email address hidden>  Thu, 04 Aug 2022 09:21:33 +0300