Subject: CVS commit: pkgsrc/x11/libXpm
From: Thomas Klausner
Date: 2023-10-03 22:28:15
Message id:

Log Message:
libXpm: update to 3.5.17.

This release contains fixes for the issues reported in today's security

Alan Coopersmith (10):
      Set close-on-exec when opening files
      test: use g_pattern_spec_match_string if available
      Explicitly mark non-static symbols as export or hidden
      Fix CVE-2023-43788: Out of bounds read in XpmCreateXpmImageFromBuffer
      test: Add test case for CVE-2023-43789 (corrupt colormap info)
      Fix CVE-2023-43789: Out of bounds read on XPM with corrupted colormap
      test: Add test case for CVE-2023-43786 (stack exhaustion in PutImage)
      Avoid CVE-2023-43786: stack exhaustion in XPutImage()
      test: Add test case for CVE-2023-43787 (integer overflow in XCreateImage)
      libXpm 3.5.17

Yair Mizrahi (1):
      Avoid CVE-2023-43787 (integer overflow in XCreateImage)