Accepting request 181336 from X11:XOrg

update to 1.7.2 prerelease (forwarded request 181335 from tobijk) OBS-URL: https://build.opensuse.org/request/show/181336 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libXi?expand=0&rev=9
2013-06-29 17:42:58 +00:00 · 2013-06-29 17:42:58 +00:00 · 077636d14a
commit 077636d14a
parent acde435140 0a5581c3bd
4 changed files with 15 additions and 4 deletions
--- a/libXi-1.7.1.901.tar.bz2
+++ b/libXi-1.7.1.901.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5248b643fc0b76fff978eefc0acdeee278407983cf7b6e371242e1b53ba32f7c
+size 441364
--- a/libXi-1.7.1.tar.bz2
+++ b/libXi-1.7.1.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e92adb6b69c53c51e05c1e65db97e23751b935a693000fb0606c11b88c0066c5
-size 434569
--- a/libXi.changes
+++ b/libXi.changes
@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Fri Jun 28 12:32:47 UTC 2013 - tobias.johannes.klausmann@mni.thm.de
+
+- Update to version 1.7.1.901:
+  First and likely only RC for libXi 1.7.2. This one has a bunch of changes
+  for CVE-2013-1998, CVE-2013-1984 and CVE-2013-1995. These relate to various
+  integer overflows and other corruption that happens if we trust the server
+  a bit too much on the data we're being sent.
+  On top of those fixes, the sequence number in XI2 events is now set
+  propertly too (#64687).
+
 -------------------------------------------------------------------
 Fri Apr  5 13:51:01 UTC 2013 - tobias.johannes.klausmann@mni.thm.de

--- a/libXi.spec
+++ b/libXi.spec
@ -18,7 +18,7 @@

 Name:           libXi
 %define lname	libXi6
-Version:        1.7.1
+Version:        1.7.1.901
 Release:        0
 Summary:        X Input Extension library
 License:        MIT