diff --git a/libX11-1.8.6.tar.xz b/libX11-1.8.6.tar.xz deleted file mode 100644 index 4e9e523..0000000 --- a/libX11-1.8.6.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:59535b7cc6989ba806a022f7e8533b28c4397b9d86e9d07b6df0c0703fa25cc9 -size 1859460 diff --git a/libX11-1.8.7.tar.xz b/libX11-1.8.7.tar.xz new file mode 100644 index 0000000..23259aa --- /dev/null +++ b/libX11-1.8.7.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:05f267468e3c851ae2b5c830bcf74251a90f63f04dd7c709ca94dc155b7e99ee +size 1859256 diff --git a/libX11.changes b/libX11.changes index 4856030..2b053b5 100644 --- a/libX11.changes +++ b/libX11.changes @@ -1,3 +1,23 @@ +------------------------------------------------------------------- +Tue Oct 3 20:51:22 UTC 2023 - Stefan Dirsch + +- update to 1.8.7 + This release contains fixes for the issues reported in security + advisory here: + https://lists.x.org/archives/xorg-announce/2023-October/003424.html + * fixes CVE-2023-43785 libX11: out-of-bounds memory access in + _XkbReadKeySyms() (boo#1215683) + * fixes CVE-2023-43786 libX11: stack exhaustion from infinite recursion + in PutSubImage() (boo#1215684) + * fixes CVE-2023-43787 libX11: integer overflow in XCreateImage() + leading to a heap overflow (boo#1215685) + along with: + * Fail XOpenDisplay() if server-provided default visual is invalid (!233) + * Bring XKB docs in line with actual implementation (!231, !228) + * Xutil.h: declare XEmptyRegion() and XEqualRegion() as Bool (!225) + * Assorted updates to en_US.UTF-8 compose keys (!213, !214, !215, !216, + !217, !219, !220, !222, !223, !226, !227, !229) + ------------------------------------------------------------------- Sat Jul 15 14:44:18 UTC 2023 - Dirk Müller diff --git a/libX11.spec b/libX11.spec index ea714a5..177c85f 100644 --- a/libX11.spec +++ b/libX11.spec @@ -17,7 +17,7 @@ Name: libX11 -Version: 1.8.6 +Version: 1.8.7 Release: 0 Summary: Core X11 protocol client library License: MIT