aboutsummaryrefslogtreecommitdiff
path: root/nx-X11/lib/font
Commit message (Collapse)AuthorAgeFilesLines
* CVE-2014-0209: integer overflow of realloc() size in FontFileAddEntry() from ↵Mike DePaulo2015-02-141-0/+5
| | | | | | | | | | | | | | | xorg/lib/libXfont commit 2f5e57317339c526e6eaee1010b0e2ab8089c42e FontFileReadDirectory() opens a fonts.dir file, and reads over every line in an fscanf loop. For each successful entry read (font name, file name) a call is made to FontFileAddFontFile(). FontFileAddFontFile() will add a font file entry (for the font name and file) each time it’s called, by calling FontFileAddEntry(). FontFileAddEntry() will do the actual adding. If the table it has to add to is full, it will do a realloc, adding 100 more entries to the table size without checking to see if that will overflow the int used to store the size.
* CVE-2013-6462: unlimited sscanf overflows stack buffer in ↵Mike DePaulo2015-02-141-1/+1
| | | | | | | | bdfReadCharacters() from xorg/lib/libXfont http://lists.x.org/archives/xorg-announce/2014-January/002389.html Fixes cppcheck warning: [lib/libXfont/src/bitmap/bdfread.c:341]: (warning) scanf without field width limits can crash with huge input data.
* LZW decompress: fix for CVE-2011-2895 From xorg/lib/Xfont commit ↵Mike DePaulo2015-02-141-0/+2
| | | | | | | | d11ee5886e9d9ec610051a206b135a4cdc1e09a0 Specially crafted LZW stream can crash an application using libXfont that is used to open untrusted font files. With X server, this may allow privilege escalation when exploited
* Do not build bundled libraries ↵Orion Poplawski2015-02-131-1/+1
| | | | | | | | | | | | (601_nx-X11_build-option-changes-to-not-use-bundled-libraries.full.patch). This commit has been submitted by Orion in two portions. One was submitted to X2Go BTS and created on Wed, 10 Jul 2013. The other portion has been taken from the Fedora package by Mike Gabriel and worked into this patch on Fri, 06 Dec 2013.
* Unique Library Names Patch ↵Jan Engelhardt2015-02-131-1/+1
| | | | | | | | | | | | | | | | | | | | (600_nx-X11+nxcompext+nxcompshad_unique-libnames.full.patch). We really want to make use of rpm's automatic dependency finding. Binaries are scanned for DT_NEEDED entries, the latter of which are then used for populating the "Requires"-type deps. The "nxagent" binary for example would require libX11.so.6. That incurs problems: 1. A package manager told to install nxagent could select xorg-x11 rather than nx-libs, even though nxagent depends on the NX version. 2. A package manager told to install $some_program could select nx-libs rather than xorg-x11 (since both provide libX11.so.6), but, since the NX library is in an obscure directory, running $some_program would fail as libX11.so.6 is not found. To solve this, give the NX libraries unique names different from the Xorg ones.
* drop .original files from the current code baseMike Gabriel2015-02-022-1929/+0
|
* massive reduction of unneeded filesMike Gabriel2015-02-0219-8167/+0
|
* Revert "release 3.5.0.19"Mike Gabriel2013-03-281-1/+1
| | | | This reverts commit e77bf36d9afbc7e56522574b06217d57c11dd095.
* release 3.5.0.19Mike Gabriel2013-03-281-1/+1
|
* Imported nx-X11-3.3.0-7.tar.gznx-X11/3.3.0-7Reinhard Tartler2011-10-103-1/+1933
| | | | | | | | Summary: Imported nx-X11-3.3.0-7.tar.gz Keywords: Imported nx-X11-3.3.0-7.tar.gz into Git repository
* Imported nx-X11-3.1.0-4.tar.gznx-X11/3.1.0-4Reinhard Tartler2011-10-101-0/+6
| | | | | | | | Summary: Imported nx-X11-3.1.0-4.tar.gz Keywords: Imported nx-X11-3.1.0-4.tar.gz into Git repository
* Imported nx-X11-3.1.0-1.tar.gznx-X11/3.1.0-1Reinhard Tartler2011-10-10208-0/+71582
Summary: Imported nx-X11-3.1.0-1.tar.gz Keywords: Imported nx-X11-3.1.0-1.tar.gz into Git repository