Source-Changes-HG archive


[src/netbsd-2-0]: src/doc ticket 11285



details:   https://anonhg.NetBSD.org/src/rev/db7dfad8cbfc
branches:  netbsd-2-0
changeset: 565044:db7dfad8cbfc
user:      bouyer <bouyer%NetBSD.org@localhost>
date:      Thu Apr 05 21:05:30 2007 +0000

description:
ticket 11285

diffstat:

 doc/CHANGES-2.0.4 |  25 ++++++++++++++++++++++++-
 1 files changed, 24 insertions(+), 1 deletions(-)

diffs (36 lines):

diff -r 224496583ae8 -r db7dfad8cbfc doc/CHANGES-2.0.4
--- a/doc/CHANGES-2.0.4 Wed Apr 04 21:43:06 2007 +0000
+++ b/doc/CHANGES-2.0.4 Thu Apr 05 21:05:30 2007 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: CHANGES-2.0.4,v 1.1.2.66 2007/04/04 21:43:06 bouyer Exp $
+#      $NetBSD: CHANGES-2.0.4,v 1.1.2.67 2007/04/05 21:05:30 bouyer Exp $
 
 A complete list of changes from the NetBSD 2.0.3 update to the NetBSD 2.0.4
 update.
@@ -547,3 +547,26 @@
        Update to tzdata2007a
        [apb, ticket #11134]
 
+xsrc/xfree/xc/extras/freetype2/src/bdf/bdflib.c        1.3
+xsrc/xfree/xc/lib/X11/ImUtil.c                 1.2
+xsrc/xfree/xc/lib/font/bitmap/bdfread.c                1.2
+xsrc/xfree/xc/lib/font/fontfile/fontdir.c      1.2
+xsrc/xfree/xc/programs/Xserver/Xext/xcmisc.c   1.2
+
+       fix a possible memory corruption due to integer overflow in
+       ProcXCMiscGetXIDList() (CVE-2007-1003)
+       fix a possible memory corruption due to integer overflow, caused by
+       lack of validation of bdf font files (CVE 2007-1351)
+       fix a possible memory corruption due to integer overflow, caused by
+       lack of validation of fonts.dir files (CVE 2007-1352)
+       fix a possible memory corruption due to incomplete input validation in
+       XInitImage() (CVE 2007-1667)
+       pull in a patch from freetype CVS (CVE-2007-1351):
+         src/bdf/bdflib.c (setsbit, sbitset): Handle values >= 128
+         gracefully.
+         (_bdf_set_default_spacing): Increase `name' buffer size to 256 and
+         issue an error for longer names.
+         (_bdf_parse_glyphs): Limit allowed number of glyphs in font to the
+         number of code points in Unicode.
+       [drochner, ticket #11285]
+
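Review bot: The CVE identifiers in the added CHANGES entry are written inconsistently. The ProcXCMiscGetXIDList() line and the freetype pull-in line use the hyphenated form ("CVE-2007-1003", "CVE-2007-1351"), while the bdf font, fonts.dir and XInitImage() lines use a space ("CVE 2007-1351", "CVE 2007-1352", "CVE 2007-1667"). A search of this file for the canonical strings CVE-2007-1352 or CVE-2007-1667 will not match the entry, so I suggest using the hyphenated form on all of them. The entry also lists five files against four fixes without saying which file carries which fix. Noting the file next to each CVE line would let someone auditing a single advisory see which revision to check.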


