libXRes is the Xlib-based client library for the X-Resource extension. This release primarily provides the fix for the recently announced security vulnerability CVE-2013-1988, along with improved compatibility with future automake releases. Alan Coopersmith (5): Replace deprecated Automake INCLUDES variable with AM_CPPFLAGS Use _XEatDataWords to avoid overflow of rep.length shifting integer overflow in XResQueryClients() [CVE-2013-1988 1/2] integer overflow in XResQueryClientResources() [CVE-2013-1988 2/2] libXres 1.0.7 git tag: libXres-1.0.7 git branch: libXres-1.0-branch http://xorg.freedesktop.org/archive/individual/lib/libXres-1.0.7.tar.bz2 MD5: 45ef29206a6b58254c81bea28ec6c95f SHA1: 45e09c6b771af5d8c448ce31de65d15bf83b7579 SHA256: 26899054aa87f81b17becc68e8645b240f140464cf90c42616ebb263ec5fa0e5 http://xorg.freedesktop.org/archive/individual/lib/libXres-1.0.7.tar.gz MD5: 7fad9ab34201bb4adffcbf0cd7e87a89 SHA1: 30453be50d1d4c49bea02558ac76230fdefc68e1 SHA256: 488c9fa14b38f794d1f019fe62e6b06514a39f1a7538e55ece8faf22482fefcd -- -Alan Coopersmith- alan.coopersmith at oracle.com Oracle Solaris Engineering - http://blogs.oracle.com/alanc -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 832 bytes Desc: not available URL: <http://lists.x.org/archives/xorg-announce/attachments/20130530/1bf820c9/attachment.pgp>