libxi: Changes to 'refs/tags/libxi-2_1.6.1-1+deb7u1'

To: debian-x@lists.debian.org
Subject: libxi: Changes to 'refs/tags/libxi-2_1.6.1-1+deb7u1'
From: Julien Cristau <jcristau@alioth.debian.org>
Date: Thu, 23 May 2013 18:59:04 +0000
Message-id: <E1UfajA-0002GT-Hr@vasks.debian.org>

Tag 'libxi-2_1.6.1-1+deb7u1' created by Julien Cristau <jcristau@debian.org> at 2013-05-15 12:36 +0000

Tagging upload of libxi 2:1.6.1-1+deb7u1 to wheezy-security.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAABCAAGBQJRk4E9AAoJEDEBgAUJBeQMlnoP/1JuGK49GDoPyVRCp5H41+M0
mdVmTd27xnwx8nEy1sjRuaUTEa0HjiA6npd9Rpkc7wc4byDEp5YylcIBIwHqW1Ot
MKDvmlnY/8kylHiwJHBVItYh5CJM5up/fzN+CywGWHerZDv08AXE57W2lMQtCw8g
VTcdBY9rv9JaYxurlf01Douz3LoHVCMGcGRY8uyl/ERPqcejHXek0QkddzALbADd
eyzJz2Z/3mhZh/ctSohnuPGvlV4sBlj4KGdUPztBxMwLTQv7uP5RZ5WQcqPmUj+h
OEV3IphdONV0VQ+b/7bfv+IQV2+32Sq/Gxw+qKt0lnvBi2yHK8GuLX69Liq1+Xlj
v2KoAsITAwNWEykQepBrqzQBONR0BSx+Fl84x154AweYtxHlvMHVFVgPklS8Zpc0
lGiTsbF4V6XtYKjK1bbP57nHFJDCqDlwOk1NkI871g+YwBcbEgF8TwMBxxX5TCx2
3c5ra5DJkgfeIR3HS+otyWUY37nYLr1VANkoXzqNzFH+GbLKVhZMkF1KtlvDQhS5
m1rt85ygOX+c3OdutgSq4NK1PyOuqdq6VkCWJjKqwmcffjrmEwKjmLnYdKzTzFZP
KfNxZ5MBnMfTTWIjPuLkyMFfBFMVyUVW5BV6vOPoJhv2EkC1M2lIQi1CnRaPkxYs
KLWus0PqTPy+VM/Qs/KF
=cRrc
-----END PGP SIGNATURE-----

Changes since libxi-2_1.6.1-1:
Alan Coopersmith (13):
      Use _XEatDataWords to avoid overflow of rep.length bit shifting
      Stack buffer overflow in XGetDeviceButtonMapping() [CVE-2013-1998 1/3]
      memory corruption in _XIPassiveGrabDevice() [CVE-2013-1998 2/3]
      unvalidated lengths in XQueryDeviceState() [CVE-2013-1998 3/3]
      integer overflow in XGetDeviceControl() [CVE-2013-1984 1/8]
      integer overflow in XGetFeedbackControl() [CVE-2013-1984 2/8]
      integer overflow in XGetDeviceDontPropagateList() [CVE-2013-1984 3/8]
      integer overflow in XGetDeviceMotionEvents() [CVE-2013-1984 4/8]
      integer overflow in XIGetProperty() [CVE-2013-1984 5/8]
      integer overflow in XIGetSelectedEvents() [CVE-2013-1984 6/8]
      Avoid integer overflow in XGetDeviceProperties() [CVE-2013-1984 7/8]
      Avoid integer overflow in XListInputDevices() [CVE-2013-1984 8/8]
      sign extension issue in XListInputDevices() [CVE-2013-1995]

Julien Cristau (1):
      Upload to wheezy-security

---
 configure.ac        |    6 ++++
 debian/changelog    |    9 +++++++
 src/XGMotion.c      |   24 ++++++++++++++-----
 src/XGetBMap.c      |   21 ++++++++++-------
 src/XGetDCtl.c      |   33 ++++++++++++++++++++------
 src/XGetDProp.c     |   64 ++++++++++++++++++++++++++++++----------------------
 src/XGetFCtl.c      |   26 ++++++++++++++++-----
 src/XGetKMap.c      |    2 -
 src/XGetMMap.c      |    2 -
 src/XGetProp.c      |   12 ++++-----
 src/XGtSelect.c     |    2 -
 src/XIPassiveGrab.c |    2 -
 src/XIProperties.c  |   18 ++++++++------
 src/XISelEv.c       |   25 +++++++++++++++-----
 src/XIint.h         |   14 +++++++++++
 src/XListDProp.c    |    2 -
 src/XListDev.c      |   28 +++++++++++++---------
 src/XOpenDev.c      |    2 -
 src/XQueryDv.c      |   19 ++++++++++-----
 19 files changed, 214 insertions(+), 97 deletions(-)
---

Reply to:

Prev by Date: libxp: Changes to 'debian-wheezy'
Next by Date: libxrandr: Changes to 'debian-wheezy'
Previous by thread: libxp: Changes to 'debian-wheezy'
Next by thread: libxrandr: Changes to 'debian-wheezy'
Index(es):
- Date
- Thread