pkgsrc.se | The NetBSD package collection

./x11/libXpm, X PixMap Library from modular Xorg X11

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 3.5.17, Package name: libXpm-3.5.17, Maintainer: pkgsrc-users

XPM (X PixMap) is a format for storing and retrieving X pixmaps
to and from files.

This libXpm is from the modular Xorg X11.

This package includes the cxpm(1) tool for checking XPM files
and the sxpm(1) tool for viewing and conversions of XPM files.

Required to build:
[pkgtools/x11-links] [pkgtools/cwrappers] [x11/xorgproto]

Master sites:

Filesize: 457.973 KB

Version history: (Expand)

(2023-10-03) Updated to version: libXpm-3.5.17
(2023-04-17) Updated to version: libXpm-3.5.16
(2023-01-17) Updated to version: libXpm-3.5.15
(2022-11-20) Updated to version: libXpm-3.5.14
(2019-12-13) Updated to version: libXpm-3.5.13
(2018-03-07) Updated to version: libXpm-3.5.12nb1

CVS history: (Expand)

2023-10-03 22:28:15 by Thomas Klausner | Files touched by this commit (2) | Package updated

Log message:
libXpm: update to 3.5.17.

This release contains fixes for the issues reported in today's security
advisory: https://lists.x.org/archives/xorg-announce/2023-October/003424.html

Alan Coopersmith (10):
      Set close-on-exec when opening files
      test: use g_pattern_spec_match_string if available
      Explicitly mark non-static symbols as export or hidden
      Fix CVE-2023-43788: Out of bounds read in XpmCreateXpmImageFromBuffer
      test: Add test case for CVE-2023-43789 (corrupt colormap info)
      Fix CVE-2023-43789: Out of bounds read on XPM with corrupted colormap
      test: Add test case for CVE-2023-43786 (stack exhaustion in PutImage)
      Avoid CVE-2023-43786: stack exhaustion in XPutImage()
      test: Add test case for CVE-2023-43787 (integer overflow in XCreateImage)
      libXpm 3.5.17

Yair Mizrahi (1):
      Avoid CVE-2023-43787 (integer overflow in XCreateImage)

2023-04-17 23:09:49 by Thomas Klausner | Files touched by this commit (3) | Package updated

Log message:
libXpm: update to 3.5.16.

Alan Coopersmith (11):
      test: skip compressed file tests when --disable-open-zfile is used
      gitlab CI: build with each of --enable-open-zfile & --disable-open-zfile
      configure: correct error message to suggest --disable-open-zfile
      open-zfile: Make compress & uncompress commands optional
      Require LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
      XpmCreateDataFromXpmImage: Fix misleading indentation
      parse.c: Wrap FREE_CIDX definition in do { ... } while(0)
      parse.c: remove unused function xstrlcpy()
      test: Use PACKAGE_BUGREPORT instead of hard-coded URL's
      test: Add simple test cases for functions in src/rgb.c
      xpmReadRgbNames: constify filename argument

Matt Turner (1):
      libXpm 3.5.16

Peter Hutterer (1):
      Fix a memleak in ParsePixels error code path

2023-03-02 08:52:30 by Tobias Nygren | Files touched by this commit (1)

Log message:
libXpm: wire down path to uncompress(1) as well

2023-02-10 10:07:22 by Tobias Nygren | Files touched by this commit (1)

Log message:
libXpm: fix build on Linux

2023-01-23 09:30:02 by Adam Ciarcinski | Files touched by this commit (1)

Log message:
libXpm: Explicitly define path to gzip

2023-01-17 19:42:39 by Thomas Klausner | Files touched by this commit (3) | Package updated

Log message:
libXpm: update to 3.5.15.

This release contains fixes for the issues reported in today's security
advisory: https://lists.x.org/archives/xorg-announce/2023-January/003312.html

It also adds a new configure option --disable-open-zfile that makes it easy
for people building libXpm to completely disable the code to fork compression
and uncompression programs if they do not have a need for it in their use case.
The README.md file has been updated to document both of the configure options
to control the optional compression handling features.

Alan Coopersmith (12):
      man pages: Fix typos and other minor editing
      man pages: Replace "See Also" entries with more useful ones
      man pages: Apply standard man page style/formatting
      configure: add --disable-open-zfile instead of requiring -DNO_ZPIPE
      test: Add unit tests using glib framework
      cxpm: getc/ungetc wrappers should not adjust position when c == EOF
      test: add test case for CVE-2022-46285 (unclosed comments)
      Fix CVE-2022-46285: Infinite loop on unclosed comments
      test: add test cases for CVE-2022-44617 (zero-width w/enormous height)
      Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height
      Fix CVE-2022-4883: compression commands depend on $PATH
      libXpm 3.5.15

Matthieu Herrb (1):
      Prevent a double free in the error code path

Peter Hutterer (1):
      Use gzip -d instead of gunzip

2022-11-19 22:34:31 by Thomas Klausner | Files touched by this commit (5) | Package updated

Log message:
libXpm: update to 3.5.14.

The only changes to the code in this release are typo fixes in the
comments, but the big change is the addition of man pages, thanks
to the work Walter Harms did to convert the API docs from the old
Postscript file into man page format.

Alan Coopersmith (11):
      Build xz tarballs instead of bzip2
      Fix spelling/wording issues
      man: strip trailing whitespace
      gitlab CI: add a basic build test
      man pages: Make file names consistent with their displayed names
      man pages: Fix shadow man pages
      man pages: Make function synopses more consistent with other pages
      man pages: Add missing word 'function' where needed
      man pages: Fix typos
      man pages: Correct Copyright/License notices
      libXpm 3.5.14

Walter Harms (2):
      add man pages based on doc/xpm.PS
      update man pages

2022-11-09 14:14:32 by Joerg Sonnenberger | Files touched by this commit (223)

Log message:
Reset MAINTAINER