Opened 7 years ago

Closed 7 years ago

#9878 closed enhancement (fixed)

libXfont2-2.0.2 (xorg library)

Reported by: bdubbs@… Owned by: ken@…
Priority: high Milestone: 8.2
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (3)

comment:1 by Douglas R. Reno, 7 years ago

Priority: normalhigh

comment:2 by ken@…, 7 years ago

Owner: changed from blfs-book@… to ken@…
Status: newassigned

A collection of minor fixes since 2.0.1, including CVEs 2017-13720 and 2017-13722.

Adam Jackson (5):

configure: Use -fvisibility=hidden if available autogen: Set a default subject prefix for patches freetype: Fix a logic error in computing face name readme: Update for libXfont 2.0 interface change libXfont 2.0.2

Emil Velikov (1):

autogen.sh: use quoted string variables

Jeremy Huddleston Sequoia (5):

FreeType: Correct an allocation size bitmap: Bail out on invalid input to FontFileMakeDir instead of calling calloc for 0 bytes fserve: Silence a -Wformat warning fstrans: Remove unused foo() function fserve: Fix a buffer read overrun in _fs_client_access

Keith Packard (1):

Revert "Add compiler warning flags". Leave warning fixes.

Michal Srb (2):

Check for end of string in PatternMatch (CVE-2017-13720) pcfGetProperties: Check string boundaries (CVE-2017-13722)

Peter Hutterer (1):

autogen.sh: use exec instead of waiting for configure to finish

The CVE details are now available at mitre. They appear to be attacks by local users.

comment:3 by ken@…, 7 years ago

Resolution: fixed
Status: assignedclosed

Fixed in r19323.

Note: See TracTickets for help on using tickets.