Subject: CVS commit: [netbsd-2] xsrc/xfree/xc
To: None <source-changes@NetBSD.org>
From: Manuel Bouyer <bouyer@netbsd.org>
List: source-changes
Date: 04/05/2007 21:01:19
Module Name: xsrc
Committed By: bouyer
Date: Thu Apr 5 21:01:19 UTC 2007
Modified Files:
xsrc/xfree/xc/extras/freetype2/src/bdf [netbsd-2]: bdflib.c
xsrc/xfree/xc/lib/X11 [netbsd-2]: ImUtil.c
xsrc/xfree/xc/lib/font/bitmap [netbsd-2]: bdfread.c
xsrc/xfree/xc/lib/font/fontfile [netbsd-2]: fontdir.c
xsrc/xfree/xc/programs/Xserver/Xext [netbsd-2]: xcmisc.c
Log Message:
Pull up following revision(s) (requested by drochner in ticket #11285):
xfree/xc/extras/freetype2/src/bdf/bdflib.c: revision 1.3
xfree/xc/lib/X11/ImUtil.c: revision 1.2
xfree/xc/lib/font/fontfile/fontdir.c: revision 1.2
xfree/xc/programs/Xserver/Xext/xcmisc.c: revision 1.2
xfree/xc/lib/font/bitmap/bdfread.c: revision 1.2
fix a possible memory corruption due to integer overflow in
ProcXCMiscGetXIDList() (CVE-2007-1003)
fix a possible memory corruption due to integer overflow, caused by lack
of validation of bdf font files (CVE 2007-1351)
fix a possible memory corruption due to integer overflow, caused by lack
of validation of fonts.dir files (CVE 2007-1352)
fix a possible memory corruption due to incomplete input validation in
XInitImage() (CVE 2007-1667)
pull in a patch from freetype CVS (CVE-2007-1351):
* src/bdf/bdflib.c (setsbit, sbitset): Handle values >= 128
gracefully.
(_bdf_set_default_spacing): Increase `name' buffer size to 256 and
issue an error for longer names.
(_bdf_parse_glyphs): Limit allowed number of glyphs in font to the
number of code points in Unicode.
To generate a diff of this commit:
cvs rdiff -r1.1.1.2.4.1 -r1.1.1.2.4.2 \
xsrc/xfree/xc/extras/freetype2/src/bdf/bdflib.c
cvs rdiff -r1.1.1.5 -r1.1.1.5.4.1 xsrc/xfree/xc/lib/X11/ImUtil.c
cvs rdiff -r1.1.1.6 -r1.1.1.6.4.1 xsrc/xfree/xc/lib/font/bitmap/bdfread.c
cvs rdiff -r1.1.1.7 -r1.1.1.7.4.1 xsrc/xfree/xc/lib/font/fontfile/fontdir.c
cvs rdiff -r1.1.1.5 -r1.1.1.5.4.1 \
xsrc/xfree/xc/programs/Xserver/Xext/xcmisc.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.