SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 
Changelog for xorg-x11-libs-6.8.2-13tr.i586.rpm :
Wed Jan 10 13:00:00 2007 Nived Gopalan 6.8.2-13tr
- SECURITY Fix: Sean Larsson has reported some vulnerabilities in
X.Org X11, caused due to input validation errors within the
\"ProcRenderAddGlyphs()\" function of the \"Renderer\" extension and
the \"ProcDbeGetVisualInfo()\" and \"ProcDbeSwapBuffers()\" functions
of the \"DBE\" extension. This can be exploited to cause a memory
corruption by sending specially crafted X requests to the X server.

The Common Vulnerabilities and Exposures project has assigned the
names CVE-2006-6101, CVE-2006-6102 and CVE-2006-6103 to these issues.

Thu Oct 12 14:00:00 2006 Nived Gopalan 6.8.2-12tr
- Add patch to build against freetype 2.2.x.
- SECURITY Fix: Some vulnerabilities have been reported in libXfont,
which can be exploited by malicious, local users to gain escalated
privileges. The vulnerabilities are caused due to integer overflows
within the \"scan_cid()\" function when handling CMAP and CIDFont data
and the \"CIDADM()\" function when parsing AFM (Adobe Font Metric)
files. These can be exploited to cause buffer overflows via specially
crafted CID encoded Type1 fonts.
- Another security issues have been reported in X.Org X11, caused due
to missing checks whether the setuid() or similar calls have
succeeded. This can be exploited to perform certain actions with
root privileges if the calls fail due to e.g. resource limits.
- An integer overflow flaw in the way the X.org server processes PCF
files was discovered. This could be exploited to cause a denial of
service or potentially execute arbitrary code with root privileges
on the X.org server

The Common Vulnerabilities and Exposures project has assigned the
names CVE-2006-3740, CVE-2006-3739, CVE-2006-4447 and
CVE-2006-3467 to these issues.

Wed May 3 14:00:00 2006 Nived Gopalan 6.8.2-11tr
- SECURITY Fix: A buffer overflow in the XRender extension allows any
X.Org user to execute arbitrary code with elevated privileges. A typo
causes the code to mis-compute the size of memory allocations in the
XRenderCompositeTriStrip and XRenderCompositeTriFan requests.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2006-1526 this issue.

Mon Nov 14 13:00:00 2005 Ajith Thampi 6.8.2-10tr
- Fixed Requires and BuildRequires.

Wed Sep 14 14:00:00 2005 Syed Shabir Zakiullah 6.8.2-9tr
- SECURITY Fix: Heap overflow in pixmap allocation
- An integer overflow in pixmap memory allocation potentially allows any
xorg-x11 user to execute arbitrary code with elevated privileges.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2005-2495 to this issue.

Wed Jun 29 14:00:00 2005 Bipin S 6.8.2-8tr
- Fixed unresolved symbols __guard_setup and __stack_smash_handler by applying
xorg-ssp.patch which disables stack protection for xorg. Stack guard has been
eliminated from xorg core as per project anyways.
- workaround to fix problems with 2.6.x kernel headers.
- patch fix against hardened gcc only (Stack Smash Protected GCC)

Tue May 10 14:00:00 2005 Hasher J 6.8.2-6tr
- Fix security vulnerability, scan.c for LibXPM may allow attackers to execute
arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
CAN-2005-0605 (Bug #625)

Mon Apr 25 14:00:00 2005 Syed Shabir Zakiullah 6.8.2-5tr
- Applied gcc4 patch and rebuilt against gcc-4.0

Wed Apr 20 14:00:00 2005 Syed Shabir Zakiullah 6.8.2-4tr
- Changed init priority for xprint.init

Tue Apr 19 14:00:00 2005 Ajith Thampi 6.8.2-3tr
- Major Fixup

Tue Apr 5 14:00:00 2005 Ajith Thampi 6.8.2-2tr
- Rebuilt on TSL-3.0
- Added a kernel-headers fix

Tue Mar 22 13:00:00 2005 Ajith Thampi 6.8.2-1ta
- New Upstream

Tue Nov 16 13:00:00 2004 Chr. Toldnes 6.8.1-7ct
- Cleanup
- This is a contrib package, group should be \"Trustix Contrib\"
- Add locales files

Mon Nov 8 13:00:00 2004 Ajith Thampi 6.8.1-4tr
- New Upstream

Wed Oct 13 14:00:00 2004 Ajith Thampi 6.7.0-3ta
- Added xft package

Thu Oct 7 14:00:00 2004 Ajith Thampi 6.7.0-1ta
- Rebuilt for TSL 2.0

Tue Sep 14 14:00:00 2004 Jeyaganesan 6.7.0-1je
- Newly packaged for Trustix