/libXfont, X font Library
1.4.7, Package name:
libXfont-1.4.7, Maintainer: joerg
This package provides the X font Library from the modular
X.org X11 project.
Required to run:
] Required to build:
Master sites: (Expand) SHA1:
Version history: (Expand)
- (2014-01-08) Updated to version: libXfont-1.4.7
- (2014-01-07) Updated to version: libXfont-1.4.6nb1
- (2013-07-22) Updated to version: libXfont-1.4.6
- (2013-06-05) Updated to version: libXfont-1.4.5nb2
- (2013-06-03) Updated to version: libXfont-1.4.5nb1
- (2012-06-11) Package has been reborn
CVS history: (Expand)
| 2014-01-07 21:09:18 by Thomas Klausner | Files touched by this commit (3) | |
Update to 1.4.7 (pkgsrc already had the security fix):
This release includes the fix for CVE-2013-6462, as well as other security
hardening and code cleanups, and makes libXfont compatible with libXtrans 1.3
Alan Coopersmith (7):
xstrdup -> strdup
Replace malloc(strlen)+strcpy/strcat calls with strdup
Don't leak old allocation if realloc fails to enlarge it
Add AC_USE_SYSTEM_EXTENSIONS to expose non-standard extensions
CVE-2013-6462: unlimited sscanf overflows stack buffer in bdfReadCharacters()
Limit additional sscanf strings to fit buffer sizes
Julien Cristau (1):
Make serverGeneration unsigned
| 2014-01-07 08:39:49 by Thomas Klausner | Files touched by this commit (3) | |
A BDF font file containing a longer than expected string could
overflow the buffer on the stack. Testing in X servers built with
Stack Protector resulted in an immediate crash when reading a
user-provided specially crafted font.
| 2013-07-22 08:34:53 by Thomas Klausner | Files touched by this commit (2) | |
Update to 1.4.6:
This minor bug fix release includes a couple bug fixes, and a little bit
of cleanup of both the code & build configuration.
Adam Jackson (2):
catalogue: Fix obvious thinko
configure: Remove AM_MAINTAINER_MODE
Alan Coopersmith (3):
Replace deprecated Automake INCLUDES variable with AM_CPPFLAGS
Require ANSI C89 pre-processor, drop pre-C89 token pasting support
Arvind Umrao (1):
If socket is interrupted with signal EINTR, re-attempt read.
Colin Walters (1):
autogen.sh: Implement GNOME Build API
Thomas Klausner (1):
Protect config.h inclusion with ifdef HAVE_CONFIG_H, like usual.
Yaakov Selkowitz (1):
Omit catalogue support on systems without symlinks
| 2013-06-05 00:17:35 by Matthias Scheler | Files touched by this commit (1946) |
Try to fix the fallout caused by the fix for PR pkg/47882. Part 3:
Recursively bump package revisions again after the "freetype2" and
"fontconfig" handling was fixed.
| 2013-06-03 12:06:28 by Thomas Klausner | Files touched by this commit (1948) |
Bump freetype2 and fontconfig dependencies to current pkgsrc versions,
to address issues with NetBSD-6(and earlier)'s fontconfig not being
new enough for pango.
While doing that, also bump freetype2 dependency to current pkgsrc
Suggested by tron in PR 47882
| 2012-10-29 06:07:25 by Aleksej Saushev | Files touched by this commit (563) |
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
| 2012-06-09 09:52:51 by OBATA Akio | Files touched by this commit (1) |
Require hacks for fixing autoconf + space in variable name issue.
| 2012-06-01 22:19:16 by Matthias Drochner | Files touched by this commit (3) | |
update to 1.4.5
changes: misc fixes, most notably the fix for the LZW decompression
security issue was integrated