- Update to 3.5.17

* This release contains fixes for the libXpm issues reported in security advisory here: https://lists.x.org/archives/xorg-announce/2023-October/003424.html * fixes CVE-2023-43788 libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() (boo#1215686) * fixes CVE-2023-43789 libXpm: out of bounds read on XPM with corrupted colormap (boo#1215687) OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/libXpm?expand=0&rev=31
2023-10-03 20:48:43 +00:00 · 2023-10-03 20:48:43 +00:00 · 3dbefaec8e
commit 3dbefaec8e
parent e6155c5c23
6 changed files with 16 additions and 4 deletions
--- a/libXpm-3.5.16.tar.xz
+++ b/libXpm-3.5.16.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e6bc5da7a69dbd9bcc67e87c93d4904fe2f5177a0711c56e71fa2f6eff649f51
-size 469020
--- a/libXpm-3.5.16.tar.xz.sig
+++ b/libXpm-3.5.16.tar.xz.sig
--- a/libXpm-3.5.17.tar.xz
+++ b/libXpm-3.5.17.tar.xz
--- a/libXpm-3.5.17.tar.xz.sig
+++ b/libXpm-3.5.17.tar.xz.sig
--- a/libXpm.changes
+++ b/libXpm.changes
@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Tue Oct  3 20:43:14 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
+
+- Update to 3.5.17
+  * This release contains fixes for the libXpm issues reported in
+    security advisory here: 
+    https://lists.x.org/archives/xorg-announce/2023-October/003424.html
+  * fixes CVE-2023-43788 libXpm: out of bounds read in
+    XpmCreateXpmImageFromBuffer() (boo#1215686)
+  * fixes CVE-2023-43789 libXpm: out of bounds read on XPM with
+    corrupted colormap (boo#1215687)
+
 -------------------------------------------------------------------
 Tue Apr 18 11:28:16 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>

--- a/libXpm.spec
+++ b/libXpm.spec
@ -18,7 +18,7 @@

 %define lname	libXpm4
 Name:           libXpm
-Version:        3.5.16
+Version:        3.5.17
 Release:        0
 Summary:        X Pixmap image file format library
 License:        MIT