-
libx11 (2:1.8.6-1ubuntu1) mantic; urgency=medium
* SECURITY UPDATE: out-of-bounds memory access in _XkbReadKeySyms()
- d/p/0001-CVE-2023-43785-out-of-bounds-memory-access-in-_XkbRe.patch
- CVE-2023-43785
* SECURITY UPDATE: stack exhaustion from infinite recursion in
PutSubImage()
- d/p/0002-CVE-2023-43786-stack-exhaustion-from-infinite-recurs.patch
- d/p/0003-XPutImage-clip-images-to-maximum-height-width-allowe.patch
- CVE-2023-43786
* SECURITY UPDATE: integer overflow in XCreateImage() leading to a heap
overflow
- d/p/0004-XCreatePixmap-trigger-BadValue-error-for-out-of-rang.patch
- d/p/0005-CVE-2023-43787-Integer-overflow-in-XCreateImage-lead.patch
- CVE-2023-43787
-- Marc Deslauriers <email address hidden> Tue, 03 Oct 2023 14:28:30 -0400
-
libx11 (2:1.8.6-1) unstable; urgency=medium
* Team upload.
* New upstream release
- InitExt.c: Add bounds checks for extension request, event, & error codes
(CVE-2023-3138)
-- Julien Cristau <email address hidden> Fri, 16 Jun 2023 14:36:12 +0200
-
libx11 (2:1.8.4-2ubuntu1) mantic; urgency=medium
* SECURITY UPDATE: multiple buffer overflows
- debian/patches/CVE-2023-3138.patch: add bounds checks for extension
request, event, & error codes in src/InitExt.c.
- CVE-2023-3138
-- Marc Deslauriers <email address hidden> Tue, 13 Jun 2023 07:23:54 -0400
-
libx11 (2:1.8.4-2) unstable; urgency=medium
* rules: Drop --disable-thread-safety-constructor again.
-- Timo Aaltonen <email address hidden> Mon, 27 Feb 2023 20:31:15 +0200
