xtrans is a library of code that is shared among various X packages to handle network protocol transport in a modular fashion, allowing a single place to add new transport types - but it is *not* a shared library, more like a "header-only" library. It is used by the X server, the XIM support in libX11, libICE, the X font server, and related components.

Because this is not a shared library, the changes in this release will only take effect in consumers that are rebuilt on a system with this release of xtrans installed.

This release makes progress towards resolving CVE-2020-25697, reported in https://www.openwall.com/lists/oss-security/2020/11/09/3 . Clients will no longer attempt to connect to sockets in the abstract namespace, though servers will still bind to them to prevent other programs binding to those names to intercept connections from clients using libraries built with older versions of libxtrans or libxcb while the servers are running. Clients can also now specify a full Unix domain socket pathname to connect to, instead of relying on built-in defaults under /tmp.

(Note that libX11 1.4.0 and later relies on libxcb for making connections instead of libxtrans, so X11 protocol clients will get this support in an upcoming release of libxcb, and the changes in xtrans will only affect clients of other protocols using libxtrans, such as XIM, ICE, SM, and the font service protocols.)

This release also removes support for System V UNIX platforms other than Solaris and the illumos family - OS'es from SCO, AT&T's Unix Systems Group, Novell, and NCR are no longer supported.

Adam Jackson (4):
      unifdef USG and NCR
      Delete SCO support
      Remove non-Solaris SysV support
      TEST_t is never defined

Alan Coopersmith (5):
      Build xz tarballs instead of bzip2
      Fix spelling/wording issues
      gitlab CI: add a basic build test
      Remove "All rights reserved" from Oracle copyright notices
      xtrans 1.5.0

Demi Marie Obenour (3):
      Remove client-side abstract socket support
      Allow full paths to sockets on non-macOS
      DISPLAY starting with unix: or / is always a socket path

Keith Packard (2):
      move is_numeric to Xtranssock.c and only define for TCPCONN or TRANS_REOPEN
      Use font server ErrorF/VErrorF instead of private versions

Olivier Fourdan (1):
      Allow partial connection to succeed

Ray Strode (1):
      Automatically disable inet6 transport if ipv6 is disabled on machine

git tag: xtrans-1.5.0

https://xorg.freedesktop.org/archive/individual/lib/xtrans-1.5.0.tar.gz
SHA256: a806f8a92f879dcd0146f3f1153fdffe845f2fc0df9b1a26c19312b7b0a29c86  xtrans-1.5.0.tar.gz
SHA512: cc9b9e2d76fccaecfc3e5ef873e8e6ced9e82a00c7d7d31cf13e85921f010915f9540c4d38afbb20885bbbf36c62b922ec514f4c8fc3fac65c93219cd8a6f796  xtrans-1.5.0.tar.gz
PGP: https://xorg.freedesktop.org/archive/individual/lib/xtrans-1.5.0.tar.gz.sig

https://xorg.freedesktop.org/archive/individual/lib/xtrans-1.5.0.tar.xz
SHA256: 1ba4b703696bfddbf40bacf25bce4e3efb2a0088878f017a50e9884b0c8fb1bd  xtrans-1.5.0.tar.xz
SHA512: e8091f11d4ad2b14e01de3eac56bdf2267ea26687ce66e3056374d0d02e049480c0b27c482f8828a0efd086f1e4c485108ca4dce3f83d66c1896effa3b38b228  xtrans-1.5.0.tar.xz
PGP: https://xorg.freedesktop.org/archive/individual/lib/xtrans-1.5.0.tar.xz.sig

-- 
-Alan Coopersmith- alan.coopersmith at oracle.com
Oracle Solaris Engineering - https://blogs.oracle.com/solaris
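
A defender-side check for the interception risk described in the announcement, as an added example that is not part of xtrans or the original message: it scans Linux /proc/net/unix rows for listening abstract sockets under an X socket directory that have no pathname listener of the same name. The sample rows are constructed, and treating an unpaired abstract listener as suspicious is a heuristic assumed here, not a rule stated by the release.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/net/unix layout; a leading '@' marks an abstract name. */
static const char SAMPLE[] =
    "Num       RefCount Protocol Flags    Type St Inode Path\n"
    "0000000000000000: 00000002 00000000 00010000 0001 01 30001 @/tmp/.X11-unix/X0\n"
    "0000000000000000: 00000002 00000000 00010000 0001 01 30002 /tmp/.X11-unix/X0\n"
    "0000000000000000: 00000002 00000000 00010000 0001 01 41007 @/tmp/.X11-unix/X1\n"
    "0000000000000000: 00000003 00000000 00000000 0001 03 41050 /tmp/.X11-unix/X0\n";

#define ACCEPTCON 0x00010000UL /* __SO_ACCEPTCON flag: socket is listening */

static const char *next_line(const char *p) {
    p = strchr(p, '\n');
    return p ? p + 1 : NULL;
}

/* Parse one row; returns 1 only for rows with a Path column (header and unnamed rows fail). */
static int parse_row(const char *line, unsigned long *flags, char path[128]) {
    char buf[256];
    snprintf(buf, sizeof buf, "%.*s", (int)strcspn(line, "\n"), line);
    return sscanf(buf, "%*[0-9A-Fa-f]: %*x %*x %lx %*x %*x %*u %127s", flags, path) == 2;
}

/* Count listening sockets whose displayed name is exactly `want`. */
static int listeners(const char *table, const char *want) {
    unsigned long flags; char path[128]; int n = 0;
    for (const char *l = table; l; l = next_line(l))
        n += parse_row(l, &flags, path) && (flags & ACCEPTCON) && !strcmp(path, want);
    return n;
}

/* Count abstract listeners under `dir` with no pathname listener of the same name. */
static int unpaired_abstract(const char *table, const char *dir) {
    unsigned long flags; char path[128]; int n = 0;
    for (const char *l = table; l; l = next_line(l)) {
        if (!parse_row(l, &flags, path) || !(flags & ACCEPTCON)) continue;
        if (path[0] != '@' || strncmp(path + 1, dir, strlen(dir)) != 0) continue;
        if (listeners(table, path + 1) == 0) {
            printf("abstract listener without pathname twin: %s\n", path);
            n++;
        }
    }
    return n;
}

/* Exit status 1 means at least one unpaired abstract listener was found. */
int main(void) { return unpaired_abstract(SAMPLE, "/tmp/.X11-unix/") > 0; }
```

On a live Linux host the same functions can be given the contents of /proc/net/unix in place of the constructed sample.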