libx11 (2:1.8.4-2+deb12u2) bookworm-security; urgency=high * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms() * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage() * CVE-2023-43787: integer overflow in XCreateImage() leading to a heap overflow * XPutImage: clip images to maximum height & width allowed by protocol * XCreatePixmap: trigger BadValue error for out-of-range dimensions -- Julien Cristau <jcristau@debian.org> Tue, 03 Oct 2023 10:52:32 +0200 libx11 (2:1.8.4-2+deb12u1) bookworm-security; urgency=high * Non-maintainer upload by the Security Team. * InitExt.c: Add bounds checks for extension request, event, & error codes (CVE-2023-3138) (Closes: #1038133) -- Salvatore Bonaccorso <carnil@debian.org> Thu, 15 Jun 2023 21:54:32 +0200 libx11 (2:1.8.4-2) unstable; urgency=medium * rules: Drop --disable-thread-safety-constructor again. -- Timo Aaltonen <tjaalton@debian.org> Mon, 27 Feb 2023 20:31:15 +0200 libx11 (2:1.8.4-1) unstable; urgency=medium * New upstream version. (Closes: #1031697) * patches: Drop reverts, as the issues should be fixed upstream. -- Timo Aaltonen <tjaalton@debian.org> Mon, 27 Feb 2023 10:29:38 +0200 libx11 (2:1.8.3-3) unstable; urgency=medium * Revert yet another commit causing regressions. (Closes: #1026809) -- Timo Aaltonen <tjaalton@debian.org> Fri, 23 Dec 2022 12:57:26 +0200 libx11 (2:1.8.3-2) unstable; urgency=medium [ Debian Janitor ] * Remove constraints unnecessary since buster (oldstable): + Build-Depends: Drop versioned constraint on dpkg-dev, libxcb1-dev and xutils-dev. + Build-Depends-Indep: Drop versioned constraint on xorg-sgml-doctools. + libx11-data: Drop versioned constraint on libx11-6 in Breaks. + libx11-dev: Drop versioned constraint on libxau-dev and libxdmcp-dev in Depends. + libx11-xcb-dev: Drop versioned constraint on libxcb1-dev in Depends. + libx11-doc: Drop versioned constraint on libx11-dev in Replaces. + libx11-doc: Drop versioned constraint on libx11-dev in Breaks. [ Timo Aaltonen ] * patches: Revert four commits to fix a regression which is still unfixed. * rules: Add --disable-thread-safety-constructor again. * rules: NEWS got removed, don't try to install it. * symbols: Updated. -- Timo Aaltonen <tjaalton@debian.org> Tue, 20 Dec 2022 17:02:56 +0200 libx11 (2:1.8.3-1) unstable; urgency=medium * New upstream release. * rules: The new upstream release allows to drop --disable-thread- safety-constructor build option. -- Timo Aaltonen <tjaalton@debian.org> Tue, 20 Dec 2022 16:01:24 +0200 libx11 (2:1.8.1-2) unstable; urgency=medium * rules: Disable thread safety constructor. (Closes: #1016363) -- Timo Aaltonen <tjaalton@debian.org> Thu, 04 Aug 2022 09:21:33 +0300 libx11 (2:1.8.1-1) unstable; urgency=medium * New upstream release. -- Timo Aaltonen <tjaalton@debian.org> Fri, 29 Jul 2022 11:11:37 +0300 libx11 (2:1.7.5-1) unstable; urgency=medium * New upstream release. (Closes: #1008890) -- Timo Aaltonen <tjaalton@debian.org> Sun, 03 Apr 2022 22:29:52 +0300 libx11 (2:1.7.4-1) unstable; urgency=medium * New upstream release. * 0001-makekeys..patch: Deleted, upstream. * patches: Refreshed. * Update signing-key.asc. -- Timo Aaltonen <tjaalton@debian.org> Thu, 31 Mar 2022 22:21:59 +0300 libx11 (2:1.7.2-2) unstable; urgency=medium * Add an upstream commit to handle new _EVDEVK symbols. -- Timo Aaltonen <tjaalton@debian.org> Wed, 15 Sep 2021 09:18:20 +0300 libx11 (2:1.7.2-1) unstable; urgency=medium [ Timo Aaltonen ] * New upstream release. (Closes: #990998) [ Julien Cristau ] * Fix Vcs-Git control field. -- Timo Aaltonen <tjaalton@debian.org> Mon, 26 Jul 2021 11:29:39 +0300 libx11 (2:1.7.1-1) unstable; urgency=medium [ Julien Cristau ] * libx11-6 Breaks old libx11-xcb1, as further mitigation for bug #979590. [ Emilio Pozuelo Monfort ] * New upstream release. * CVE-2021-31535: X protocol command injection due to missing request length checks (closes: #988737) -- Emilio Pozuelo Monfort <pochu@debian.org> Wed, 19 May 2021 17:22:09 +0200 libx11 (2:1.7.0-2) unstable; urgency=medium * Set a strict dependency of libx11-xcb1 on libx11-6, as internal ABI may change across releases - and indeed did change between 1.6.12 and 1.7.0 (closes: #979590) * Update upstream git URL in package descriptions. -- Julien Cristau <jcristau@debian.org> Mon, 11 Jan 2021 12:15:25 +0100 libx11 (2:1.7.0-1) unstable; urgency=medium * New upstream release. * patches: Refreshed. * signing-key: Added key from Keith Packard. * symbols: Updated. -- Timo Aaltonen <tjaalton@debian.org> Wed, 06 Jan 2021 20:47:58 +0200 libx11 (2:1.6.12-1) unstable; urgency=medium * New upstream release. * 001_xim_regression.diff: Dropped, upstream. -- Timo Aaltonen <tjaalton@debian.org> Thu, 17 Sep 2020 13:11:41 +0300 libx11 (2:1.6.10-3) unstable; urgency=medium * Fix 001_xim_regression.diff to actually build. -- Julien Cristau <jcristau@debian.org> Mon, 03 Aug 2020 08:44:37 +0200 libx11 (2:1.6.10-2) unstable; urgency=medium * Fix regression introduced in 1.6.10 (closes: #966691) -- Julien Cristau <jcristau@debian.org> Sun, 02 Aug 2020 18:58:23 +0200 libx11 (2:1.6.10-1) unstable; urgency=medium * New upstream release + fixes heap corruption in the X input method client (CVE-2020-14344) -- Julien Cristau <jcristau@debian.org> Sat, 01 Aug 2020 12:50:40 +0200 libx11 (2:1.6.9-2) unstable; urgency=medium * control: Depend on x11proto-dev instead of the old protos, bump the version. * control: libx11-dev Replaces old x11proto-dev. (Closes: #952589) -- Timo Aaltonen <tjaalton@debian.org> Wed, 26 Feb 2020 18:40:14 +0200 libx11 (2:1.6.9-1) unstable; urgency=medium * New upstream release. * control: Use debhelper-compat, bump to 12. * signing-key.asc: Add Adam Jackson's key. * rules: Remove .la files before install. * rules: Use -a instead of -s for dh_makeshlibs. * watch: Update upstream url. * control: Bump policy to 4.5.0. -- Timo Aaltonen <tjaalton@debian.org> Wed, 26 Feb 2020 14:32:15 +0200 libx11 (2:1.6.8-1) unstable; urgency=medium [ Timo Aaltonen ] * New upstream release. * patches: Refreshed. [ Helmut Grohne ] * Move documentation dependencies to Build-Depends-Indep. (Closes: #928878) -- Timo Aaltonen <tjaalton@debian.org> Wed, 18 Sep 2019 17:09:31 +0300 # Older entries have been removed from this changelog. # To read the complete changelog use `apt changelog libx11-doc`.
Generated by dwww version 1.15 on Sun Jun 16 16:34:43 CEST 2024.