[ubuntu/saucy-proposed] libx11 2:1.5.0-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Jun 5 20:30:14 UTC 2013 

libx11 (2:1.5.0-1ubuntu2) saucy; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    incorrect memory size calculations
    - debian/patches/CVE-2013-1981.patch: fix multiple integer overflows.
    - CVE-2013-1981
  * SECURITY UPDATE: denial of service and possible code execution via
    incorrect length and bounds checking
    - debian/patches/CVE-2013-1997.patch: properly calculate lengths.
    - CVE-2013-1997
  * SECURITY UPDATE: denial of service and possible code execution via
    stack overflow from recursive #include
    - debian/patches/CVE-2013-2004.patch: set limit on depth.
    - CVE-2013-2004
  * debian/patches/001_hide_xeatdatawords.diff: Hide _XEatDataWords by
    default.
  * debian/patches/ftbfs_new_automake.patch: fix ftbfs with newer
    automake.

Date: Wed, 05 Jun 2013 15:40:48 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/saucy/+source/libx11/2:1.5.0-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 05 Jun 2013 15:40:48 -0400
Source: libx11
Binary: libx11-6 libx11-6-udeb libx11-data libx11-6-dbg libx11-dev libx11-xcb1 libx11-xcb1-dbg libx11-xcb-dev libx11-doc
Architecture: source
Version: 2:1.5.0-1ubuntu2
Distribution: saucy
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libx11-6   - X11 client-side library
 libx11-6-dbg - X11 client-side library (debug package)
 libx11-6-udeb - X11 client-side library (udeb)
 libx11-data - X11 client-side library
 libx11-dev - X11 client-side library (development headers)
 libx11-doc - X11 client-side library (development documentation)
 libx11-xcb-dev - Xlib/XCB interface library (development headers)
 libx11-xcb1 - Xlib/XCB interface library
 libx11-xcb1-dbg - Xlib/XCB interface library (debug package)
Changes: 
 libx11 (2:1.5.0-1ubuntu2) saucy; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible code execution via
     incorrect memory size calculations
     - debian/patches/CVE-2013-1981.patch: fix multiple integer overflows.
     - CVE-2013-1981
   * SECURITY UPDATE: denial of service and possible code execution via
     incorrect length and bounds checking
     - debian/patches/CVE-2013-1997.patch: properly calculate lengths.
     - CVE-2013-1997
   * SECURITY UPDATE: denial of service and possible code execution via
     stack overflow from recursive #include
     - debian/patches/CVE-2013-2004.patch: set limit on depth.
     - CVE-2013-2004
   * debian/patches/001_hide_xeatdatawords.diff: Hide _XEatDataWords by
     default.
   * debian/patches/ftbfs_new_automake.patch: fix ftbfs with newer
     automake.
Checksums-Sha1: 
 944895b0143401266c44c5d598d7f15ba660dd8d 2594 libx11_1.5.0-1ubuntu2.dsc
 d52a9d21647bc389bbdfccb96e054b71dfe4a077 108567 libx11_1.5.0-1ubuntu2.diff.gz
Checksums-Sha256: 
 4d1cfb002fc15b87b138be42cd1470c823fa6e9d4fe650fb489338666dfb24dc 2594 libx11_1.5.0-1ubuntu2.dsc
 6cb64f2e2a5295b11a6518b799943b3a2f1b562fa6de8d5a39a614aa00b64cb7 108567 libx11_1.5.0-1ubuntu2.diff.gz
Files: 
 ac3cfc6afed97fd3517226f32a24420f 2594 x11 optional libx11_1.5.0-1ubuntu2.dsc
 927b7ecf10373521baebb53be78c30aa 108567 x11 optional libx11_1.5.0-1ubuntu2.diff.gz
Original-Maintainer: Debian X Strike Force <debian-x at lists.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJRr50vAAoJEGVp2FWnRL6TDU8QALeQyEJoZUnxi+R2VxZQgCE1
yYZ+1CvSXJD6HE2ssa94of27CTegd3vvq9o37qqfYLLNpE29N6ywTJPDJ+iNlwN+
a/RoISY6dGwB1i9/yLrmHgYqdXmJRFdTbjUjaxhw3k+3wygUep1Gvr1Bwg9Jh2UZ
KGhHwjldfp+6KOTZyarqJIVTm+LtXlIqb8l1oPZaI7eAZzXtipbWhVzrx50Ncm+r
0WTlJb9XG0We3ClipG5N9E0TpEwJ3V+2Q4YkW3AbL7elZOU3qo3JgLySPEUovWh2
ZeojwF/P3zhiipplzMNKhTkPrZO2DsiU22WCbFYya2y9MjqPSga/Bi6CXH8MLiI8
GLJTmlzi9aWWiw7q734pjJxHHcUE95t72YVJcqsKE0GlBzbq4AA2ntV7LRpIkTud
k6jpQsxhP6JTgBQMDIDnytlxGwKW9oRmmtgRPfDP3jiQTOw8QFo9oX5tR+Xvjk36
2vWAcpFVwvYEOvTXcNY27e8Kan0ht/oaCnX9JbA5aF0iQz/yeeCDKg4ltB1R8lLK
xEwJ1bWr+V163cVPaKLcoX38PBqydxUWVcByEWEdAReCp6XcPC/fnLEV/KS8lOlE
bmGCez8FtCEy3a7B+igXnmWYZP+H6eLsVx6lwVjgrT5Doj24vesG+tcU1PTxUhmk
rzG/Ga4OxbFGg98Qvjwq
=sdAD
-----END PGP SIGNATURE-----

More information about the Saucy-changes mailing list