[X2Go-Commits] [nx-libs] branch 3.5.0.x updated (952e320 -> 266d5af)

git-admin at x2go.org git-admin at x2go.org
Mon Apr 27 02:50:37 CEST 2015


This is an automated email from the git hooks/post-receive script.

x2go pushed a change to branch 3.5.0.x
in repository nx-libs.

      from  952e320   nx-X11: add more NULL guards to TEST and DEBUG sections of Render.c.
       new  ca36175   nx-X11: link to libdl to fix undefined references to 'dlopen' and 'dlsym'. Fixes: #853.
       new  79a4ed9   Security fixes: X.Org CVE-2013-7439:
       new  96efada   CVE patches were previously not included in release tarballs.
       new  ef24d64   nx-X11: Prevent underlinking by linking to libNX_X{11,damage,fixes).
       new  9525d07   nxcompshad: Prevent underlinking by linking to libNX_Xext.
       new  0275776   debian/roll-tarballs.sh: use more quotes.
       new  e822d5c   debian/roll-tarballs.sh: convert tabs to spaces.
       new  cc2fdd9   debian/roll-tarballs.sh: use more curly braces.
       new  06bdc27   debian/roll-tarballs.sh: don't escape last newline of a multiline command.
       new  56b383b   debian/roll-tarballs.sh: whitespace changes for consistency.
       new  4c90de7   debian/roll-tarballs.sh: next batch of quotes.
       new  14e51de   debian/changelog: document the last commits.
       new  034bd94   README.keystrokes: copy actions documentation from the wiki.
       new  45d9d24   README.keystrokes: add documentation for branding behavior.
       new  82d73c3   debian/changelog: unify entry for README.keystrokes.
       new  352631a   etc/keystrokes.cfg: fix whitespace errors.
       new  266d5af   README.keystrokes: remove accidentally copied Dokuwiki syntax.

The 17 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Summary of changes:
 debian/changelog                                   |  134 +++++++++++++++++
 debian/keystrokes.cfg                              |   32 ++---
 ...0320_nxagent_configurable-keystrokes.full.patch |   43 ++++--
 ...nx-X11_fix-underlinking-dlopen-dlsym.full.patch |   17 +++
 ...inking-libNX_Xcomposite_damage_fixes.full.patch |   15 ++
 .../0650_nxcompshad_link-to-NX_Xext.full.patch     |   14 ++
 ...ss-fix-for-CVE-2011-2895-From-xorg-.full.patch} |    0
 ...-4028-File-disclosure-vulnerability.full.patch} |    0
 ...ter-free-in-dix-dixfonts.c-doImageT.full.patch} |    0
 ...2-unlimited-sscanf-overflows-stack-.full.patch} |    0
 ...9-integer-overflow-of-realloc-size-.full.patch} |    0
 ...9-integer-overflow-of-realloc-size-.full.patch} |    0
 ...0-unvalidated-length-in-_fs_recv_co.full.patch} |    0
 ...when-we-receive-an-FS_Error-from-th.full.patch} |    0
 ...0-unvalidated-lengths-when-reading-.full.patch} |    0
 ...1-Integer-overflow-in-fs_get_reply-.full.patch} |    0
 ...0-unvalidated-length-fields-in-fs_r.full.patch} |    0
 ...1-integer-overflow-in-fs_read_exten.full.patch} |    0
 ...1-integer-overflow-in-fs_alloc_glyp.full.patch} |    0
 ...0-unvalidated-length-fields-in-fs_r.full.patch} |    0
 ...0-unvalidated-length-fields-in-fs_r.full.patch} |    0
 ...0-unvalidated-length-fields-in-fs_r.full.patch} |    0
 ...0-unvalidated-length-fields-in-fs_r.full.patch} |    0
 ...lloc-may-allow-unauthed-client-to-c.full.patch} |    0
 ...overflow-in-ProcPutImage-CVE-2014-8.full.patch} |    0
 ...overflow-in-GetHosts-CVE-2014-8092-.full.patch} |    0
 ...overflow-in-RegionSizeof-CVE-2014-8.full.patch} |    0
 ...overflow-in-REQUEST_FIXED_SIZE-CVE-.full.patch} |    0
 ...ted-lengths-in-DbeSwapBuffers-calls.full.patch} |    0
 ...ed-lengths-in-Xinput-extension-CVE-.full.patch} |    0
 ...idated-length-in-SProcXCMiscGetXIDL.full.patch} |    0
 ...ed-lengths-in-XVideo-extension-swap.full.patch} |    0
 ...-request-size-before-reading-it-CVE.full.patch} |    0
 ...idated-lengths-in-Render-extn.-swap.full.patch} |    0
 ...idated-length-in-SProcXFixesSelectS.full.patch} |    0
 ...dated-lengths-in-RandR-extension-sw.full.patch} |    0
 ...paranoid-about-variable-length-requ.full.patch} |    0
 ...strict-about-rejecting-invalid-imag.full.patch} |    0
 ...al-paranoia-in-__glXGetAnswerBuffer.full.patch} |    0
 ..._-add-mul-pad-v3-CVE-2014-8093-4-6-.full.patch} |    0
 ...hecking-for-GLXRender-requests-v2-C.full.patch} |    0
 ...overflow-protection-for-non-generat.full.patch} |    0
 ...l-length-checking-for-swapped-Vendo.full.patch} |    0
 ...hecking-for-non-generated-single-re.full.patch} |    0
 ...hecking-for-RenderLarge-requests-v2.full.patch} |    0
 ...aining-request-length-into-varsize-.full.patch} |    0
 ...ont-fc-fserve.c-initialize-remainin.full.patch} |    0
 ...put-validation-to-fix-for-CVE-2011-.full.patch} |    0
 ...verity-844-845-846-Fix-memory-leaks.full.patch} |    0
 ...e-introduce-byte-counting-functions.full.patch} |    0
 ...ap-XkbSetGeometry-data-in-the-input.full.patch} |    0
 ...strings-length-against-request-size.full.patch} |    0
 ...39-MakeBigReq-don-t-move-the-last-wo.full.patch |   77 ++++++++++
 debian/patches/series                              |   96 +++++++------
 debian/roll-tarballs.sh                            |  150 ++++++++++----------
 55 files changed, 429 insertions(+), 149 deletions(-)
 create mode 100644 debian/patches/0630_nx-X11_fix-underlinking-dlopen-dlsym.full.patch
 create mode 100644 debian/patches/0640_nx-X11_fix-underlinking-libNX_Xcomposite_damage_fixes.full.patch
 create mode 100644 debian/patches/0650_nxcompshad_link-to-NX_Xext.full.patch
 rename debian/patches/{1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch => 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-.full.patch} (100%)
 rename debian/patches/{1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch => 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch} (100%)
 rename debian/patches/{1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch => 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch} (100%)
 rename debian/patches/{1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch => 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch} (100%)
 rename debian/patches/{1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch => 1005-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch} (100%)
 rename debian/patches/{1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch => 1006-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch} (100%)
 rename debian/patches/{1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch => 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_co.full.patch} (100%)
 rename debian/patches/{1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch => 1008-Don-t-crash-when-we-receive-an-FS_Error-from-th.full.patch} (100%)
 rename debian/patches/{1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch => 1009-CVE-2014-0210-unvalidated-lengths-when-reading-.full.patch} (100%)
 rename debian/patches/{1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch => 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-.full.patch} (100%)
 rename debian/patches/{1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch => 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch} (100%)
 rename debian/patches/{1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch => 1012-CVE-2014-0211-integer-overflow-in-fs_read_exten.full.patch} (100%)
 rename debian/patches/{1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch => 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyp.full.patch} (100%)
 rename debian/patches/{1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch => 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch} (100%)
 rename debian/patches/{1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch => 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch} (100%)
 rename debian/patches/{1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch} (100%)
 rename debian/patches/{1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch} (100%)
 rename debian/patches/{1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch => 1018-unchecked-malloc-may-allow-unauthed-client-to-c.full.patch} (100%)
 rename debian/patches/{1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch => 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch} (100%)
 rename debian/patches/{1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch => 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-.full.patch} (100%)
 rename debian/patches/{1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch => 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8.full.patch} (100%)
 rename debian/patches/{1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch => 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-.full.patch} (100%)
 rename debian/patches/{1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch => 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls.full.patch} (100%)
 rename debian/patches/{1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch => 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-.full.patch} (100%)
 rename debian/patches/{1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch => 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch} (100%)
 rename debian/patches/{1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch => 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch} (100%)
 rename debian/patches/{1027-render-check-request-size-before-reading-it-CVE-2014.patch => 1027-render-check-request-size-before-reading-it-CVE.full.patch} (100%)
 rename debian/patches/{1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch => 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch} (100%)
 rename debian/patches/{1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch => 1029-xfixes-unvalidated-length-in-SProcXFixesSelectS.full.patch} (100%)
 rename debian/patches/{1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch => 1030-randr-unvalidated-lengths-in-RandR-extension-sw.full.patch} (100%)
 rename debian/patches/{1031-glx-Be-more-paranoid-about-variable-length-requests-.patch => 1031-glx-Be-more-paranoid-about-variable-length-requ.full.patch} (100%)
 rename debian/patches/{1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch => 1032-glx-Be-more-strict-about-rejecting-invalid-imag.full.patch} (100%)
 rename debian/patches/{1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch => 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer.full.patch} (100%)
 rename debian/patches/{1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch => 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-.full.patch} (100%)
 rename debian/patches/{1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch => 1035-glx-Length-checking-for-GLXRender-requests-v2-C.full.patch} (100%)
 rename debian/patches/{1036-glx-Integer-overflow-protection-for-non-generated-re.patch => 1036-glx-Integer-overflow-protection-for-non-generat.full.patch} (100%)
 rename debian/patches/{1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch => 1037-glx-Top-level-length-checking-for-swapped-Vendo.full.patch} (100%)
 rename debian/patches/{1038-glx-Length-checking-for-non-generated-single-request.patch => 1038-glx-Length-checking-for-non-generated-single-re.full.patch} (100%)
 rename debian/patches/{1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch => 1039-glx-Length-checking-for-RenderLarge-requests-v2.full.patch} (100%)
 rename debian/patches/{1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch => 1040-glx-Pass-remaining-request-length-into-varsize-.full.patch} (100%)
 rename debian/patches/{1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch => 1041-nx-X11-lib-font-fc-fserve.c-initialize-remainin.full.patch} (100%)
 rename debian/patches/{1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch => 1042-Do-proper-input-validation-to-fix-for-CVE-2011-.full.patch} (100%)
 rename debian/patches/{1101-Coverity-844-845-846-Fix-memory-leaks.patch => 1101-Coverity-844-845-846-Fix-memory-leaks.full.patch} (100%)
 rename debian/patches/{1102-include-introduce-byte-counting-functions.patch => 1102-include-introduce-byte-counting-functions.full.patch} (100%)
 rename debian/patches/{1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patch => 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input.full.patch} (100%)
 rename debian/patches/{1104-xkb-Check-strings-length-against-request-size.patch => 1104-xkb-Check-strings-length-against-request-size.full.patch} (100%)
 create mode 100644 debian/patches/1200-CVE-2013-7439-MakeBigReq-don-t-move-the-last-wo.full.patch

--
Alioth's /srv/git/code.x2go.org/nx-libs.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/nx-libs.git


More information about the x2go-commits mailing list