Subject: CVS commit: [pkgsrc-2013Q4] pkgsrc/x11/libXfont
From: Matthias Scheler
Date: 2014-01-07 18:11:53
Message id: 20140107171153.E39F196@cvs.netbsd.org

Log Message:
Pullup ticket #4287 - requested by wiz
x11/libXfont: security patch

Revisions pulled up:
- x11/libXfont/Makefile                                         1.29
- x11/libXfont/distinfo                                         1.20
- x11/libXfont/patches/patch-src_bitmap_bdfread.c               1.1

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Tue Jan  7 07:39:49 UTC 2014

   Modified Files:
   	pkgsrc/x11/libXfont: Makefile distinfo
   Added Files:
   	pkgsrc/x11/libXfont/patches: patch-src_bitmap_bdfread.c

   Log Message:
   CVE-2013-6462:
   A BDF font file containing a longer than expected string could
   overflow the buffer on the stack.  Testing in X servers built with
   Stack Protector resulted in an immediate crash when reading a
   user-provided specially crafted font.

   Bump PKGREVISION.

Files:
RevisionActionfile
1.28.4.1modifypkgsrc/x11/libXfont/Makefile
1.19.4.1modifypkgsrc/x11/libXfont/distinfo
1.1.2.2addpkgsrc/x11/libXfont/patches/patch-src_bitmap_bdfread.c