Stefan Dirsch
a377da9893
* This release provides a fix for CVE-2017-2625 for platforms which don't have
arc4random_buf() in their default libraries but do have getentropy(), such
as Linux platforms with a kernel version of 3.17 or newer and a glibc version
of 2.25 or newer. (libXdmcp 1.1.2 already ensured that arc4random_buf()
is used on platforms that have it to provide sufficient entropy in XDMCP
key generation, but left other platforms with the weaker methods. Linux
platforms could also have linked against libbsd to use arc4random_buf()
with libXdmcp 1.1.2 for stronger keys.)
- supersedes U_Fix-compilation-error-when-arc4random_buf-is-not-ava.patch,
U_Use-getentropy-if-arc4random_buf-is-not-available.patch
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/libXdmcp?expand=0&rev=14