similar to: [ANNOUNCE] libXfont 1.5.4

Matt Turner (1): libXfont 1.5.3 Michal Srb (2): Check for end of string in PatternMatch (CVE-2017-13720) pcfGetProperties: Check string boundaries (CVE-2017-13722) git tag: libXfont-1.5.3 https://xorg.freedesktop.org/archive/individual/lib/libXfont-1.5.3.tar.bz2 MD5: 9ba75bf38ba62a6ad52550ab716da9b3 libXfont-1.5.3.tar.bz2 SHA1: 628b8ca2207f09324b8926084318a2fa2edb16d1

Matthieu Herrb (1): libXfont2 2.0.3 Michal Srb (1): Open files with O_NOFOLLOW. (CVE-2017-16611) git tag: libXfont2-2.0.3 https://xorg.freedesktop.org/archive/individual/lib/libXfont2-2.0.3.tar.bz2 MD5: b7ca87dfafeb5205b28a1e91ac3efe85 libXfont2-2.0.3.tar.bz2 SHA1: 1110f1ad4061d9e8131ecb941757480e3e32bca0 libXfont2-2.0.3.tar.bz2 SHA256:

Maintenance branch release, primarily for bdftopcf's benefit as it's the only thing that really needs the Xfont1 API. (xfs uses it too, I believe, but could be ported to Xfont2). If someone wanted to step up and merge Xfont1 into bdtopcf directly, that'd be great. Adam Jackson (1):       libXfont 1.5.2 Alan Coopersmith (1):       doc: add a couple olinks to fsproto & xfs-design

Adam Jackson (1): libXfont 1.3.2 Jens Granseuer (1): fix build with gcc 2.95. Matthieu Herrb (3): catalogue.c: prevent a one character overflow ftsystem.c is not needed anymore. Fix for CVE-2008-0006 - PCF Font parser buffer overflow. Tilman Sauerbeck (1): Replaced one instance of bcopy() with memcpy(). git tag: libXfont-1.3.2

This release of libXfont provides the fixes for today's security advisory about BDF font parsing bugs. Like libXfont 1.5.0, it requires fontsproto 2.1.3 or later and will not build cleanly with older versions. Alan Coopersmith (6): Remove unneeded checks for #ifndef X_NOT_POSIX Use 'imdent' to realign cpp indentation levels in fslibos.h bdfReadProperties: property

This release of libXfont provides the fixes for today's security advisory about BDF font parsing bugs. Like libXfont 1.4.8, it requires fontsproto 2.1.2 or earlier and will not build cleanly with newer versions. Alan Coopersmith (4): bdfReadProperties: property count needs range check [CVE-2015-1802] bdfReadCharacters: bailout if a char's bitmap cannot be read [CVE-2015-1803]

CentOS Errata and Security Advisory 2014:0018 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0018.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 5d177ebe7d19a7515f179bf06b534b16be5c3017b51dc32cef13f1ef45c94676 libXfont-1.2.2-1.0.5.el5_10.i386.rpm

CentOS Errata and Security Advisory 2014:0018 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0018.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: e197f6ba7f88663d651ff7fece36f0ab4439063d7267738c9bbdc86d0c39ae5e libXfont-1.4.5-3.el6_5.i686.rpm

CentOS Errata and Security Advisory 2014:1870 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1870.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 13834a3e7436e041b8455eb295055e10d6eb636d0b63ca52ca923505a46b95ac libXfont-1.4.5-4.el6_6.i686.rpm

CentOS Errata and Security Advisory 2014:1893 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1893.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: b0d5d2c56dc2794ccd036623672af58746d121b5341744c2f7c16b30120faa5c libXfont-1.2.2-1.0.6.el5_11.i386.rpm

CentOS Errata and Security Advisory 2015:1708 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1708.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 9856558ad51e2b739b307e54519434fd091a7eef0a3380d8e08f6bda984dbc09 libXfont-1.4.5-5.el6_7.i686.rpm

X.Org Security Advisory: March 17, 2015 More BDF file parsing issues in libXfont ======================================== Description: ============ Ilja van Sprundel, a security researcher with IOActive, has discovered an issue in the parsing of BDF font files by libXfont. Additional testing by Alan Coopersmith and William Robinet with the American Fuzzy Lop (afl) tool uncovered two more

CentOS Errata and Security Advisory 2008:0064 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-0064.html The following updated files have been uploaded and are currently syncing to the mirrors: ( md5sum Filename ) x86_64: 58a6afa028e71b251b828d00dac83715 libXfont-1.2.2-1.0.3.el5_1.i386.rpm a0fc6a74d8307597032f9f275dfc3f4c libXfont-1.2.2-1.0.3.el5_1.x86_64.rpm

CentOS Errata and Security Advisory 2011:1154 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2011-1154.html The following updated files have been uploaded and are currently syncing to the mirrors: ( md5sum Filename ) x86_64: af716cc565a831e7ab6fa369c9dbacab libXfont-1.2.2-1.0.4.el5_7.i386.rpm 6be4f475ba1460cd0fe81dffb114248f libXfont-1.2.2-1.0.4.el5_7.x86_64.rpm

CentOS Errata and Security Advisory 2014:1870 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1870.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 4db16b52f6e2005a48f611e2634fe0be85344f8fd63c8df546ac5aa805a146aa libXfont-1.4.7-2.el7_0.i686.rpm

CentOS Errata and Security Advisory 2015:1708 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1708.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: d0c7cd0ab4dc74e06f81eea25702ae372b5185314cc740de0bfd4c1467e23572 libXfont-1.4.7-3.el7_1.i686.rpm

CentOS Errata and Security Advisory 2008:0064 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-0064.html The following updated files have been uploaded and are currently syncing to the mirrors: ( md5sum Filename ) i386: f1bdf132265bfd9e3b3d6f020a0ec99c libXfont-1.2.2-1.0.3.el5_1.i386.rpm 27c6b0c70afbdd2bce8513f675a7a039 libXfont-devel-1.2.2-1.0.3.el5_1.i386.rpm

CentOS Errata and Security Advisory 2011:1154 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2011-1154.html The following updated files have been uploaded and are currently syncing to the mirrors: ( md5sum Filename ) i386: c8be195b72f957b264035e998f19ec4d libXfont-1.2.2-1.0.4.el5_7.i386.rpm 106869c973f93ecddc4a2c3d3a5e7593 libXfont-devel-1.2.2-1.0.4.el5_7.i386.rpm

This release ports the X Font Server to libXfont 2.x. Distributions may now drop libXfont 1.x at their convenience. This conversion has been lightly tested but some issues may remain; please report any new issues to xorg-devel at lists.x.org. Adam Jackson (3): xtrans: Simplify an error path when started from inetd xfs: port to libXfont2 xfs 1.2.0 Alan Coopersmith (2): Add

A collection of minor fixes since 2.0.1, including CVEs 2017-13720 and 2017-13722. Adam Jackson (5): configure: Use -fvisibility=hidden if available autogen: Set a default subject prefix for patches freetype: Fix a logic error in computing face name readme: Update for libXfont 2.0 interface change libXfont 2.0.2 Emil Velikov (1): autogen.sh: use quoted string