(#172752) Security bump. CVE 2007-1667: libX11 XInitImage input validation.
authorDonnie Berkholz <dberkholz@gentoo.org>
Thu, 5 Apr 2007 06:54:21 +0000 (06:54 +0000)
committerDonnie Berkholz <dberkholz@gentoo.org>
Thu, 5 Apr 2007 06:54:21 +0000 (06:54 +0000)
Package-Manager: portage-2.1.2.3

x11-libs/libX11/ChangeLog
x11-libs/libX11/files/digest-libX11-1.0.3-r2 [new file with mode: 0644]
x11-libs/libX11/files/digest-libX11-1.1.1-r1 [new file with mode: 0644]
x11-libs/libX11/files/xorg-libX11-1.1.1-xinitimage.diff [new file with mode: 0644]
x11-libs/libX11/libX11-1.0.3-r2.ebuild [new file with mode: 0644]
x11-libs/libX11/libX11-1.1.1-r1.ebuild [new file with mode: 0644]
x11-libs/libXfont/Manifest

index d82922877d52847cf917971403febcee6489dd9c..a04cefb4913a039f6bb04778c13f7f7d332357dd 100644 (file)
@@ -1,6 +1,14 @@
 # ChangeLog for x11-libs/libX11
 # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/x11-libs/libX11/ChangeLog,v 1.62 2007/02/04 18:23:48 joshuabaergen Exp $
+# $Header: /var/cvsroot/gentoo-x86/x11-libs/libX11/ChangeLog,v 1.63 2007/04/05 06:54:21 dberkholz Exp $
+
+*libX11-1.1.1-r1 (05 Apr 2007)
+*libX11-1.0.3-r2 (05 Apr 2007)
+
+  05 Apr 2007; Donnie Berkholz <dberkholz@gentoo.org>;
+  +files/xorg-libX11-1.1.1-xinitimage.diff, +libX11-1.0.3-r2.ebuild,
+  +libX11-1.1.1-r1.ebuild:
+  (#172752) Security bump. CVE 2007-1667: libX11 XInitImage input validation.
 
   04 Feb 2007; Joshua Baergen <joshuabaergen@gentoo.org>
   libX11-1.0.1-r1.ebuild, libX11-1.0.3.ebuild, libX11-1.0.3-r1.ebuild:
diff --git a/x11-libs/libX11/files/digest-libX11-1.0.3-r2 b/x11-libs/libX11/files/digest-libX11-1.0.3-r2
new file mode 100644 (file)
index 0000000..12c8959
--- /dev/null
@@ -0,0 +1,3 @@
+MD5 60b787a812c92d33f71860e4e19cb59d libX11-1.0.3.tar.bz2 1449835
+RMD160 285a878a8ec9ecbd86e67897ca15ce96c994f38a libX11-1.0.3.tar.bz2 1449835
+SHA256 fb42f2400c3709a0c2c17f27cc4a902c191ebd6228c70698891bf3a13ea5b3ac libX11-1.0.3.tar.bz2 1449835
diff --git a/x11-libs/libX11/files/digest-libX11-1.1.1-r1 b/x11-libs/libX11/files/digest-libX11-1.1.1-r1
new file mode 100644 (file)
index 0000000..3770fe4
--- /dev/null
@@ -0,0 +1,3 @@
+MD5 848b80f77b20ae1fa5c882bbfa531ebc libX11-1.1.1.tar.bz2 1426405
+RMD160 99c2d2bd6823c09667dffa5e4265924e93e76eef libX11-1.1.1.tar.bz2 1426405
+SHA256 5359db57793430429786b648ac570d4ab205797306e049bf1e8675250af21541 libX11-1.1.1.tar.bz2 1426405
diff --git a/x11-libs/libX11/files/xorg-libX11-1.1.1-xinitimage.diff b/x11-libs/libX11/files/xorg-libX11-1.1.1-xinitimage.diff
new file mode 100644 (file)
index 0000000..2ba968d
--- /dev/null
@@ -0,0 +1,87 @@
+diff --git a/src/ImUtil.c b/src/ImUtil.c
+index 83fd030..9e667bb 100644
+--- a/src/ImUtil.c
++++ b/src/ImUtil.c
+@@ -327,12 +327,13 @@ XImage *XCreateImage (dpy, visual, depth
+ {
+       register XImage *image;
+       int bits_per_pixel = 1;
++      int min_bytes_per_line;
+       if (depth == 0 || depth > 32 ||
+           (format != XYBitmap && format != XYPixmap && format != ZPixmap) ||
+           (format == XYBitmap && depth != 1) ||
+           (xpad != 8 && xpad != 16 && xpad != 32) ||
+-          offset < 0 || image_bytes_per_line < 0)
++          offset < 0)
+           return (XImage *) NULL;
+       if ((image = (XImage *) Xcalloc(1, (unsigned) sizeof(XImage))) == NULL)
+           return (XImage *) NULL;
+@@ -363,16 +364,21 @@ XImage *XCreateImage (dpy, visual, depth
+       /*
+        * compute per line accelerator.
+        */
+-      if (image_bytes_per_line == 0)
+       {
+       if (format == ZPixmap)
+-          image->bytes_per_line = 
++          min_bytes_per_line = 
+              ROUNDUP((bits_per_pixel * width), image->bitmap_pad);
+       else
+-          image->bytes_per_line =
++          min_bytes_per_line =
+               ROUNDUP((width + offset), image->bitmap_pad);
+       }
+-      else image->bytes_per_line = image_bytes_per_line;
++      if (image_bytes_per_line == 0) {
++          image->bytes_per_line = min_bytes_per_line;
++      } else if (image_bytes_per_line < min_bytes_per_line) {
++          return 0;
++      } else {
++          image->bytes_per_line = image_bytes_per_line;
++      }
+       image->bits_per_pixel = bits_per_pixel;
+       image->obdata = NULL;
+@@ -384,7 +390,11 @@ XImage *XCreateImage (dpy, visual, depth
+ Status XInitImage (image)
+     XImage *image;
+ {
++      int min_bytes_per_line;
++
+       if (image->depth == 0 || image->depth > 32 ||
++          image->bits_per_pixel > 32 || image->bitmap_unit > 32 ||
++          image->bits_per_pixel < 0 || image->bitmap_unit < 0 ||
+           (image->format != XYBitmap &&
+            image->format != XYPixmap &&
+            image->format != ZPixmap) ||
+@@ -392,21 +402,24 @@ Status XInitImage (image)
+           (image->bitmap_pad != 8 &&
+            image->bitmap_pad != 16 &&
+            image->bitmap_pad != 32) ||
+-          image->xoffset < 0 || image->bytes_per_line < 0)
++          image->xoffset < 0)
+           return 0;
+       /*
+        * compute per line accelerator.
+        */
+-      if (image->bytes_per_line == 0)
+-      {
+       if (image->format == ZPixmap)
+-          image->bytes_per_line = 
++          min_bytes_per_line = 
+              ROUNDUP((image->bits_per_pixel * image->width),
+                      image->bitmap_pad);
+       else
+-          image->bytes_per_line =
++          min_bytes_per_line =
+               ROUNDUP((image->width + image->xoffset), image->bitmap_pad);
++
++      if (image->bytes_per_line == 0) {
++          image->bytes_per_line = min_bytes_per_line;
++      } else if (image->bytes_per_line < min_bytes_per_line) {
++          return 0;
+       }
+       _XInitImageFuncPtrs (image);
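Review bot: The new rejection branch in XCreateImage (`} else if (image_bytes_per_line < min_bytes_per_line) { return 0; }`) returns after `image` was allocated with `Xcalloc` earlier in the function. Unless code outside these hunks frees it, every rejected call leaks one XImage; the branch should read `Xfree(image); return (XImage *) NULL;`, which also matches the function's other failure returns. Separately, `min_bytes_per_line` is an `int` computed from `bits_per_pixel * width` or `width + xoffset`, with no upper bound on the width and no visible check that `image->width` is non-negative in XInitImage. If that arithmetic wraps to a small or negative value, the lower-bound comparison no longer rejects an undersized or negative `bytes_per_line`, which the dropped `bytes_per_line < 0` test used to catch, so keeping that test or range-checking the width before ROUNDUP would close the gap. Both function bodies continue outside the embedded hunks.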
diff --git a/x11-libs/libX11/libX11-1.0.3-r2.ebuild b/x11-libs/libX11/libX11-1.0.3-r2.ebuild
new file mode 100644 (file)
index 0000000..78708e0
--- /dev/null
@@ -0,0 +1,41 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/x11-libs/libX11/libX11-1.0.3-r2.ebuild,v 1.1 2007/04/05 06:54:21 dberkholz Exp $
+
+# Must be before x-modular eclass is inherited
+#SNAPSHOT="yes"
+
+inherit x-modular
+
+DESCRIPTION="X.Org X11 library"
+
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE="ipv6"
+
+RDEPEND=">=x11-libs/xtrans-1.0.1
+       x11-libs/libXau
+       x11-libs/libXdmcp
+       x11-proto/kbproto
+       x11-proto/inputproto
+       >=x11-proto/xproto-7.0.6"
+DEPEND="${RDEPEND}
+       x11-proto/xf86bigfontproto
+       x11-proto/bigreqsproto
+       x11-proto/xextproto
+       x11-proto/xcmiscproto
+       >=x11-misc/util-macros-0.99.0_p20051007"
+
+CONFIGURE_OPTIONS="$(use_enable ipv6)"
+# xorg really doesn't like xlocale disabled.
+# $(use_enable nls xlocale)
+
+PATCHES="${FILESDIR}/CVE-2006-5397.patch
+       ${FILESDIR}/xorg-libX11-1.1.1-xinitimage.diff"
+
+src_install() {
+       x-modular_src_install
+
+       local ENVD="10libx11"
+       echo "LDPATH=\"/usr/lib\"" > "${T}"/${ENVD}
+       doenvd "${T}"/${ENVD}
+}
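Review bot: The PATCHES entry in this 1.0.3-r2 ebuild applies `xorg-libX11-1.1.1-xinitimage.diff`, whose filename says it was made for 1.1.1, and nothing here records that it was checked against the 1.0.3 copy of src/ImUtil.c. A comment above PATCHES such as `# CVE-2007-1667 (bug #172752): 1.1.1 patch, verified to apply to 1.0.3` would document that. Also, the commit's file list shows x11-libs/libXfont/Manifest but no x11-libs/libX11/Manifest, so the new patch and both new ebuilds appear to land without matching Manifest checksums in this commit. That is worth confirming, since the added digest files cover only the upstream tarballs and not the security patch itself.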
diff --git a/x11-libs/libX11/libX11-1.1.1-r1.ebuild b/x11-libs/libX11/libX11-1.1.1-r1.ebuild
new file mode 100644 (file)
index 0000000..2691992
--- /dev/null
@@ -0,0 +1,33 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/x11-libs/libX11/libX11-1.1.1-r1.ebuild,v 1.1 2007/04/05 06:54:21 dberkholz Exp $
+
+# Must be before x-modular eclass is inherited
+#SNAPSHOT="yes"
+
+inherit x-modular
+
+DESCRIPTION="X.Org X11 library"
+
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE="ipv6 xcb"
+RDEPEND=">=x11-libs/xtrans-1.0.1
+       x11-libs/libXau
+       x11-libs/libXdmcp
+       x11-proto/kbproto
+       >=x11-proto/xproto-7.0.6
+       xcb? ( >=x11-libs/libxcb-1.0 )"
+DEPEND="${RDEPEND}
+       x11-proto/xf86bigfontproto
+       x11-proto/bigreqsproto
+       x11-proto/inputproto
+       x11-proto/xextproto
+       x11-proto/xcmiscproto
+       >=x11-misc/util-macros-0.99.0_p20051007"
+
+CONFIGURE_OPTIONS="$(use_enable ipv6)
+       $(use_with xcb)"
+# xorg really doesn't like xlocale disabled.
+# $(use_enable nls xlocale)
+
+PATCHES="${FILESDIR}/xorg-libX11-1.1.1-xinitimage.diff"
index ce1a76671888e4bb042eb2fa0024c736bbc2a67d..27e4b7c97db7211c561ac5b67de7cb9a3851318a 100644 (file)
@@ -5,10 +5,10 @@ SHA256 5fd9a663f637a8cc7984f010d1082d96da977be1afb1f69a39cfe62c299049d2 files/xo
 DIST libXfont-1.2.2.tar.bz2 597652 RMD160 dacca74fe5cd882bcd6cceac4963f8cd8b4938d6 SHA1 87493c319e1f4b79de7154dd6e2de5baadce3465 SHA256 fb2f8c2ec321b4e38a65df4eaabffa1192ed8e19408e81be20cdcfc3e98b7487
 DIST libXfont-1.2.6.tar.bz2 582191 RMD160 2bf77e7c9bdb5aa0aa67e3ee2d05f3cf79722646 SHA1 db1e027f15a92192fd5c20ec000eea02a8bf7705 SHA256 9337670709697046e5071d028fb0c72e0e8b01b6890e952b8bd1021d7cd4fe9a
 DIST libXfont-1.2.7.tar.bz2 573915 RMD160 33e2688d1e3490d8b588ca2304b3d4068568dcae SHA1 60deba746e544785ca05c7c68ccfbd5d71370a29 SHA256 2f8c004c0b914d460e6fd2b48d8b425cf4778d415467fc1f1d938b200462d18b
-EBUILD libXfont-1.2.2-r1.ebuild 948 RMD160 e9a2633e8251d6786e071664e781cea009388969 SHA1 a6007afb02924016fef576056e3ae744fb8b345b SHA256 9528fc65624ca82fb8376f0cdb452298e18818505ad2318be95418ddd4ee57d3
-MD5 dbcc78f421a193a021d1157b90f57ed1 libXfont-1.2.2-r1.ebuild 948
-RMD160 e9a2633e8251d6786e071664e781cea009388969 libXfont-1.2.2-r1.ebuild 948
-SHA256 9528fc65624ca82fb8376f0cdb452298e18818505ad2318be95418ddd4ee57d3 libXfont-1.2.2-r1.ebuild 948
+EBUILD libXfont-1.2.2-r1.ebuild 961 RMD160 1c5e42e023452bbdcb8ccf6bc4a9904f14d7204a SHA1 0b9e10ec8267abad2fe68ad37cc071a4be37c18f SHA256 bd6e43a2a0c5305a93a23abf796e6e277059b5a5403cff6413e238b619e76e50
+MD5 382f23af0fb12e47a54f8828e93a6889 libXfont-1.2.2-r1.ebuild 961
+RMD160 1c5e42e023452bbdcb8ccf6bc4a9904f14d7204a libXfont-1.2.2-r1.ebuild 961
+SHA256 bd6e43a2a0c5305a93a23abf796e6e277059b5a5403cff6413e238b619e76e50 libXfont-1.2.2-r1.ebuild 961
 EBUILD libXfont-1.2.2.ebuild 884 RMD160 825852d3660deaa07a0194c4188e9c62ae2a07e4 SHA1 760ea4b2b5b9da7c2003521d4af5ad42264c6c5f SHA256 2319390f0c91570423f72cc3473ed7b627daa4bece927de1091ff5850d1c87ea
 MD5 cd7739e76fa0fc6e379c6b693005a490 libXfont-1.2.2.ebuild 884
 RMD160 825852d3660deaa07a0194c4188e9c62ae2a07e4 libXfont-1.2.2.ebuild 884
@@ -25,10 +25,10 @@ EBUILD libXfont-1.2.7.ebuild 901 RMD160 93fcfb7aeae0803d3fa8653cf3bec81208f0604b
 MD5 c6c01138e709f2542388160f56719536 libXfont-1.2.7.ebuild 901
 RMD160 93fcfb7aeae0803d3fa8653cf3bec81208f0604b libXfont-1.2.7.ebuild 901
 SHA256 5c802d24096c6950b162cdc3d6e3bd8f289dd67baec2d5c0589d2cce6aad412c libXfont-1.2.7.ebuild 901
-MISC ChangeLog 9153 RMD160 247a0e701fe615c894a8e6974e9a630532d65241 SHA1 037d3a73581fd2777b0be7036bea446ae49eba32 SHA256 28b8c7029e4f7a8075668d38317237dbb180a0d6c96fa748c8251b5841ccc93e
-MD5 07c67b549a0efc32e2973a8b175d9931 ChangeLog 9153
-RMD160 247a0e701fe615c894a8e6974e9a630532d65241 ChangeLog 9153
-SHA256 28b8c7029e4f7a8075668d38317237dbb180a0d6c96fa748c8251b5841ccc93e ChangeLog 9153
+MISC ChangeLog 9253 RMD160 68ae4ab0fe61f40442dc6b7a314e7514285e05b0 SHA1 a248542f16b474f0877c4171aa4eaa43e2381bbd SHA256 ec19bd2680ad7b64c2472043a69cb37f714d87f06e2a6e471396d2dd2c68fff6
+MD5 8e147ffe0f426a443dcaf227ee813f0a ChangeLog 9253
+RMD160 68ae4ab0fe61f40442dc6b7a314e7514285e05b0 ChangeLog 9253
+SHA256 ec19bd2680ad7b64c2472043a69cb37f714d87f06e2a6e471396d2dd2c68fff6 ChangeLog 9253
 MISC metadata.xml 156 RMD160 c1274bdccf57603d580de0075ba07a35b7509560 SHA1 6f78f604e3d079d39189b40aaaa1ddb06182ad91 SHA256 5101ab0d4cc8c7125eea733c44e86962769bd77acaf53b69223b9cadcdd29055
 MD5 a37bab73e2f24b213932c30997d3d360 metadata.xml 156
 RMD160 c1274bdccf57603d580de0075ba07a35b7509560 metadata.xml 156