Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libX11-6-1.8.7-2.3 RPM for armv6hl

From OpenSuSE Ports Tumbleweed for armv6hl

Name: libX11-6 Distribution: openSUSE Tumbleweed
Version: 1.8.7 Vendor: openSUSE
Release: 2.3 Build date: Fri Feb 9 20:34:09 2024
Group: System/Libraries Build host: i01-armsrv3
Size: 1183587 Source RPM: libX11-1.8.7-2.3.src.rpm
Packager: http://bugs.opensuse.org
Url: http://xorg.freedesktop.org/
Summary: Core X11 protocol client library
The X Window System is a network-transparent window system that was
designed at MIT. X display servers run on computers with either
monochrome or color bitmap display hardware. The server distributes
user input to and accepts output requests from various client
programs located either on the same machine or elsewhere in the
network. Xlib is a C subroutine library that application programs
(clients) use to interface with the window system by means of a
stream connection.

Provides

Requires

License

MIT

Changelog

* Mon Nov 20 2023 Stefan Dirsch <sndirsch@suse.com>
  - this update is needed due to jsc#PED-7282; it includes the
    security fix for CVE-2022-3555 (bsc#1204425, bsc#1208881) and
    a fix for a race condition in libX11 that causes various
    applications to crash randomly (boo#1181963)
* Tue Oct 03 2023 Stefan Dirsch <sndirsch@suse.com>
  - update to 1.8.7
    This release contains fixes for the issues reported in security
    advisory here:
      https://lists.x.org/archives/xorg-announce/2023-October/003424.html
    * fixes CVE-2023-43785 libX11: out-of-bounds memory access in
      _XkbReadKeySyms() (boo#1215683)
    * fixes CVE-2023-43786 libX11: stack exhaustion from infinite recursion
    in PutSubImage() (boo#1215684)
    * fixes CVE-2023-43787 libX11: integer overflow in XCreateImage()
      leading to a heap overflow (boo#1215685)
    along with:
    * Fail XOpenDisplay() if server-provided default visual is invalid (!233)
    * Bring XKB docs in line with actual implementation (!231, !228)
    * Xutil.h: declare XEmptyRegion() and XEqualRegion() as Bool (!225)
    * Assorted updates to en_US.UTF-8 compose keys (!213, !214, !215, !216,
      !217, !219, !220, !222, !223, !226, !227, !229)
* Sat Jul 15 2023 Dirk Müller <dmueller@suse.com>
  - update to 1.8.6:
    * InitExt.c: Add bounds checks for extension request,
      event, & error codes
    * Fixes CVE-2023-3138: X servers could return values from
      XQueryExtension that would cause Xlib to write entries
      out-of-bounds of the arrays to store them, though this
      would only overwrite other parts of the Display
      struct, not outside the bounds allocated for that
      structure.
  - drop U_InitExt.c-Add-bounds-checks-for-extension-request-ev.patch (upstream)
* Mon Jun 12 2023 Stefan Dirsch <sndirsch@suse.com>
  - U_InitExt.c-Add-bounds-checks-for-extension-request-ev.patch
    * Buffer overflows in InitExt.c (boo#1212102, CVE-2023-3138)
* Thu Jun 01 2023 Stefan Dirsch <sndirsch@suse.com>
  - Update to version 1.8.5
    * gitlab CI: Add libtool to required packages
    * configure: raise minimum autoconf requirement to 2.70
    * configure: replace deprecated AC_HELP_STRING with AS_HELP_STRING
    * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
    * gitlab CI: add workflow rules
    * nls: delete compose sequences that pointlessly mix upper and lower case
    * nls: remove four hundred and sixty untypable Greek compose sequences
    * nls: remove twenty two untypable Greek compose sequences
    * XSetScreenSaver.man: restore the part that was accidentally snipped
    * nls: make the Amharic compose sequences use the dead-vowel symbols
    * nls: sort three sequences alphabetically in their group, like all others
    * nls: delete six compose sequences that cannot be typed
    * nls: use a slash instead of a combining solidus in compose sequences
    * NLS: move long S compositions to respective blocks
    * NLS: implement the expansion of the six Breton N-graph keysyms
    * NLS: move dead-caron subscript compositions to the relevant Unicode block
    * NLS: Remove strange dead_cedilla cedi sign sequences
    * nls: add compose sequence for capital schwa, and delete a deviant one
  - Users of the Amharic (am_ET.UTF-8) compose key sequences provided by libX11
    will also want to upgrade to xkeyboard-config 2.39 (releasing soon), in order
    to keep those sequeunces working with this release.
* Thu Mar 09 2023 llyyr <llyyr.public@gmail.com>
  - Update to version 1.8.4
    This release fixes the regressions in previous 1.8.x related to the thread-
    - safety-constructor option. (boo#1209176)
  - supersedes U_fix-a-memory-leak-in-XRegisterIMInstantiateCallback.patch
* Mon Dec 05 2022 Stefan Dirsch <sndirsch@suse.com>
  - Update to version 1.8.1
    This release fixes the --enable-thread-safety-constructor option to the
    configure script to work as intended.  In the previous release, the changes
    for this option may not have been enabled when the option was not specified
    or when the --enable option was specified.
    While we have enabled it by default, believing that doing so will reduce
    the number of bugs users encounter running libX11 clients, in some cases
    it may expose bugs in which clients had previously gotten away with calling
    libX11 functions while a libX11 lock is already held, and thus now deadlock,
    as discussed in https://gitlab.freedesktop.org/xorg/lib/libx11/-/issues/157
  - let's hope this version doesn't suffer yet from the regressions
    reported in boo#1205778, boo#1205818 (reported against 1.8.2);
    we need libX11 thread safe for totem (GNOME 43) :-(
* Mon Dec 05 2022 Stefan Dirsch <sndirsch@suse.com>
  - going back to version 1.7.5 for now to get rid of regressions,
    which were introduced by trying to get thread-safe in libX11
    itself
  - re-introduced U_fix-a-memory-leak-in-XRegisterIMInstantiateCallback.patch
    which was not yet in 1.7.5
  - supersedes the following patches
    * U_0001-Add-XFreeThreads-function.patch
    * U_0002-Don-t-use-pragma-inside-a-function-it-breaks-compili.patch
    * U_0003-Fix-797755-Allow-X-IfEvent-to-reenter-libX11.patch
    * U_0004-Indentation-fixes-around-recent-dpy-in_ifevent-chang.patch
    * U_0005-ChkIfEv.c-fix-wrong-handling-of-dpy-in_ifevent.patch
* Sat Dec 03 2022 Stefan Dirsch <sndirsch@suse.com>
  - U_0001-Add-XFreeThreads-function.patch
    U_0002-Don-t-use-pragma-inside-a-function-it-breaks-compili.patch
    U_0003-Fix-797755-Allow-X-IfEvent-to-reenter-libX11.patch
    U_0004-Indentation-fixes-around-recent-dpy-in_ifevent-chang.patch
    U_0005-ChkIfEv.c-fix-wrong-handling-of-dpy-in_ifevent.patch
    * adding all patches since 1.8.2 release in order to try fixing
      regressions after introducing thread safety constructor with
      1.8.1 (boo#1205778, boo#1205818)
  - supersedes U_Fix-797755-Allow-X-IfEvent-to-reenter-libX11.patch
  - re-enabled thread safe constructor
* Fri Dec 02 2022 Stefan Dirsch <sndirsch@suse.com>
  - back to "--disable-thread-safety-constructor" for now; we see just
    too many regressions, e.g. firefox freezes and crashes, crashes with
    barrierc, crashes in Godot, assertions with vkquake (boo#1205818,
    boo#1205778)
* Sat Nov 26 2022 Stefan Dirsch <sndirsch@suse.com>
  - U_Fix-797755-Allow-X-IfEvent-to-reenter-libX11.patch
    * fixed Firefox freezes (regression since 1.8.2) (boo#1205778)
* Fri Nov 11 2022 Stefan Dirsch <sndirsch@suse.com>
  - Update to version 1.8.2
    * This is primarily a bug fix release, including further work on
      improving the thread-safety-constructor and making it work with
      software which had incorrectly called libX11 functions from
      inside X*IfEvent() calls.
  - supersedes U_fix-a-memory-leak-in-XRegisterIMInstantiateCallback.patch
* Wed Oct 19 2022 Stefan Dirsch <sndirsch@suse.com>
  - U_fix-a-memory-leak-in-XRegisterIMInstantiateCallback.patch
    * security update for CVE-2022-3554 (bsc#1204422)
* Thu Jun 09 2022 Stefan Dirsch <sndirsch@suse.com>
  - Update to version 1.8.1
    This release fixes the --enable-thread-safety-constructor option to the
    configure script to work as intended.  In the previous release, the changes
    for this option may not have been enabled when the option was not specified
    or when the --enable option was specified.
    While we have enabled it by default, believing that doing so will reduce
    the number of bugs users encounter running libX11 clients, in some cases
    it may expose bugs in which clients had previously gotten away with calling
    libX11 functions while a libX11 lock is already held, and thus now deadlock,
    as discussed in https://gitlab.freedesktop.org/xorg/lib/libx11/-/issues/157 .
* Fri Apr 29 2022 Stefan Dirsch <sndirsch@suse.com>
  - Update to version 1.8
    * The highlight of this release is that we now try to initialize
      thread safety ourselves, rather than hope the application does it.
      This should resolve a number of long-standing bugs with the libxcb
      integration, since the socket handoff mechanism essentially has to
      be thread-safe.
* Sun Apr 03 2022 Stefan Dirsch <sndirsch@suse.com>
  - Update to version 1.7.4
    * Don't try to destroy NULL condition variables
* Thu Mar 31 2022 Stefan Dirsch <sndirsch@suse.com>
  - Update to version 1.7.4
    * bugfix release
  - supersedes p_khmer-compose.diff
* Fri Dec 10 2021 Stefan Dirsch <sndirsch@suse.com>
  - Update to version 1.7.3.1
    * This release of libX11 corrects a packaging problem in 1.7.3
      which caused the m4 files needed for autoreconf to not be
      included in the tarballs.
    * As a bonus, this release also includes one tiny typo fix in the
      XIM specs.
* Tue Dec 07 2021 Stefan Dirsch <sndirsch@suse.com>
  - Update to version 1.7.3
    * This release includes a number of bug fixes and adds support for
      the _EVDEVK keysyms added in xorgproto 2021.2.
* Mon Nov 15 2021 Stefan Dirsch <sndirsch@suse.com>
  - u_no-longer-crash-in-XVisualIDFromVisual.patch
    * no longer crash in XVisualIDFromVisual() [boo#1191517]
* Sun Jun 06 2021 Stefan Dirsch <sndirsch@suse.com>
  - Update to version 1.7.2
    * bug fix release, correcting a regression introduced by and
      improving the checks from the fix for CVE-2021-31535.
  - supersedes U_Check-for-NULL-strings-before-getting-their-lengths.patch
* Mon May 31 2021 Stefan Dirsch <sndirsch@suse.com>
  - U_Check-for-NULL-strings-before-getting-their-lengths.patch
    * regression in libX11 1.7.1 (boo#1186643)
      fixes segfaults for xforms applications like fdesign
* Tue May 18 2021 Stefan Dirsch <sndirsch@suse.com>
  - Update to version 1.7.1
    * security update for CVE-2021-31535 (bsc#1182506)
  - supersedes U_CVE-2021-31535.patch
* Mon May 17 2021 Stefan Dirsch <sndirsch@suse.com>
  - U_CVE-2021-31535.patch
    * adds missing request length checks in libX11 (CVE-2021-31535,
      bsc#1182506)

Files

/usr/lib/libX11.so.6
/usr/lib/libX11.so.6.4.0


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Mar 2 23:52:59 2024