-
libx11 (2:1.8.4-2ubuntu0.3) lunar-security; urgency=medium
* SECURITY UPDATE: out-of-bounds memory access in _XkbReadKeySyms()
- d/p/0001-CVE-2023-43785-out-of-bounds-memory-access-in-_XkbRe.patch
- CVE-2023-43785
* SECURITY UPDATE: stack exhaustion from infinite recursion in
PutSubImage()
- d/p/0002-CVE-2023-43786-stack-exhaustion-from-infinite-recurs.patch
- d/p/0003-XPutImage-clip-images-to-maximum-height-width-allowe.patch
- CVE-2023-43786
* SECURITY UPDATE: integer overflow in XCreateImage() leading to a heap
overflow
- d/p/0004-XCreatePixmap-trigger-BadValue-error-for-out-of-rang.patch
- d/p/0005-CVE-2023-43787-Integer-overflow-in-XCreateImage-lead.patch
- CVE-2023-43787
-- Marc Deslauriers <email address hidden> Mon, 02 Oct 2023 15:07:04 -0400
-
libx11 (2:1.8.4-2ubuntu0.2) lunar-security; urgency=medium
* SECURITY UPDATE: multiple buffer overflows
- debian/patches/CVE-2023-3138.patch: add bounds checks for extension
request, event, & error codes in src/InitExt.c.
- CVE-2023-3138
-- Marc Deslauriers <email address hidden> Tue, 13 Jun 2023 07:24:29 -0400
-
libx11 (2:1.8.4-2) unstable; urgency=medium
* rules: Drop --disable-thread-safety-constructor again.
-- Timo Aaltonen <email address hidden> Mon, 27 Feb 2023 20:31:15 +0200
-
libx11 (2:1.8.3-3) unstable; urgency=medium
* Revert yet another commit causing regressions. (Closes: #1026809)
-- Timo Aaltonen <email address hidden> Fri, 23 Dec 2022 12:57:26 +0200
-
libx11 (2:1.8.3-2) unstable; urgency=medium
[ Debian Janitor ]
* Remove constraints unnecessary since buster (oldstable):
+ Build-Depends: Drop versioned constraint on dpkg-dev, libxcb1-dev and
xutils-dev.
+ Build-Depends-Indep: Drop versioned constraint on xorg-sgml-doctools.
+ libx11-data: Drop versioned constraint on libx11-6 in Breaks.
+ libx11-dev: Drop versioned constraint on libxau-dev and libxdmcp-dev in
Depends.
+ libx11-xcb-dev: Drop versioned constraint on libxcb1-dev in Depends.
+ libx11-doc: Drop versioned constraint on libx11-dev in Replaces.
+ libx11-doc: Drop versioned constraint on libx11-dev in Breaks.
[ Timo Aaltonen ]
* patches: Revert four commits to fix a regression which is still
unfixed.
* rules: Add --disable-thread-safety-constructor again.
* rules: NEWS got removed, don't try to install it.
* symbols: Updated.
-- Timo Aaltonen <email address hidden> Tue, 20 Dec 2022 17:02:56 +0200
-
libx11 (2:1.8.1-2) unstable; urgency=medium
* rules: Disable thread safety constructor. (Closes: #1016363)
-- Timo Aaltonen <email address hidden> Thu, 04 Aug 2022 09:21:33 +0300