Subject: CVS commit: [pkgsrc-2014Q1] pkgsrc/emulators/suse131_x11
From: Matthias Scheler
Date: 2014-05-28 19:32:52
Message id: 20140528173252.449B596@cvs.netbsd.org
Log Message:
Pullup ticket #4417 - requested by obache
emulators/suse131_x11: security update

Revisions pulled up:
- emulators/suse131_x11/Makefile                                1.6-1.7
- emulators/suse131_x11/distinfo                                1.6

---
   Module Name:	pkgsrc
   Committed By:	obache
   Date:		Fri May 23 13:18:56 UTC 2014

   Modified Files:
   	pkgsrc/emulators/suse131_x11: Makefile distinfo

   Log Message:
   Apply openSUSE Security Update: openSUSE-SU-2014:0711-1
   libXfont: Fixed multiple vulnerabilities

      An update that fixes three vulnerabilities is now available.

   Description:

      libxfont was updated to fix multiple vulnerabilities:
      - Integer overflow of allocations in font metadata file parsing
        (CVE-2014-0209).
      - Unvalidated length fields when parsing xfs protocol replies
        (CVE-2014-0210).
      - Integer overflows calculating memory needs for xfs replies
        (CVE-2014-0211).

      These vulnerabilities could be used by a local, authenticated user to
      raise privileges
      or by a remote attacker with control of the font server to execute code
       with the privileges of the X server.

---
   Module Name:	pkgsrc
   Committed By:	obache
   Date:		Fri May 23 13:20:50 UTC 2014

   Modified Files:
   	pkgsrc/emulators/suse131_x11: Makefile

   Log Message:
   Bump PKGREVISION to refrect libXfont rpm update.
Files:
RevisionActionfile
1.5.2.1modifypkgsrc/emulators/suse131_x11/Makefile
1.5.2.1modifypkgsrc/emulators/suse131_x11/distinfo