UbuntuUpdates.org

Package "libx11"

Name: libx11

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • X11 client-side library
  • X11 client-side library (debug package)
  • X11 client-side library
  • X11 client-side library (development headers)

Latest version: 2:1.4.99.1-0ubuntu2.5
Release: precise (12.04)
Level: updates
Repository: main

Links



Other versions of "libx11" in Precise

Repository Area Version
base main 2:1.4.99.1-0ubuntu2
security main 2:1.4.99.1-0ubuntu2.5

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2:1.4.99.1-0ubuntu2.5 2021-05-03 16:06:21 UTC

  libx11 (2:1.4.99.1-0ubuntu2.5) precise-security; urgency=medium

  [ Marc Deslauriers ]
  * SECURITY UPDATE: integer overflow and heap overflow in XIM client
    - debian/patches/CVE-2020-14344-1.patch: fix signed length values in
      modules/im/ximcp/imRmAttr.c.
    - debian/patches/CVE-2020-14344-2.patch: fix integer overflows in
      modules/im/ximcp/imRmAttr.c.
    - debian/patches/CVE-2020-14344-3.patch: fix more unchecked lengths in
      modules/im/ximcp/imRmAttr.c.
    - debian/patches/CVE-2020-14344-4.patch: zero out buffers in functions
      in modules/im/ximcp/imDefIc.c, modules/im/ximcp/imDefIm.c.
    - debian/patches/CVE-2020-14344-5.patch: change the data_len parameter
      to CARD16 in modules/im/ximcp/imRmAttr.c.
    - debian/patches/CVE-2020-14344-6.patch: fix size calculation in
      modules/im/ximcp/imRmAttr.c.
    - debian/patches/CVE-2020-14344-7.patch: fix input clients connecting
      to server in modules/im/ximcp/imRmAttr.c.
    - CVE-2020-14344
  * SECURITY UPDATE: integer overflow and double free in locale handling
    - debian/patches/CVE-2020-14363.patch: fix an integer overflow in
      modules/om/generic/omGeneric.c.
    - CVE-2020-14363

 -- <email address hidden> (Leonidas S. Barbosa) Wed, 02 Sep 2020 13:42:13 -0300

Source diff to previous version
CVE-2020-14344 An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. A
CVE-2020-14363 Double free in libX11 locale handling code

Version: 2:1.4.99.1-0ubuntu2.3 2015-04-13 19:06:28 UTC

  libx11 (2:1.4.99.1-0ubuntu2.3) precise-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
    - debian/patches/makebigreq_overflow.patch: don't move the last word in
      MakeBigReq in include/X11/Xlibint.h.
    - CVE number pending
 -- Marc Deslauriers <email address hidden> Wed, 08 Apr 2015 08:01:09 -0400

Source diff to previous version

Version: 2:1.4.99.1-0ubuntu2.2 2013-09-12 22:06:54 UTC

  libx11 (2:1.4.99.1-0ubuntu2.2) precise; urgency=low

  * Rebuild against SRUed x11-proto-core (LP: #408903)
 -- Iain Lane <email address hidden> Mon, 22 Jul 2013 11:09:59 +0100

Source diff to previous version

Version: 2:1.4.99.1-0ubuntu2.1 2013-06-05 19:07:08 UTC

  libx11 (2:1.4.99.1-0ubuntu2.1) precise-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    incorrect memory size calculations
    - debian/patches/CVE-2013-1981.patch: fix multiple integer overflows.
    - CVE-2013-1981
  * SECURITY UPDATE: denial of service and possible code execution via
    incorrect length and bounds checking
    - debian/patches/CVE-2013-1997.patch: properly calculate lengths.
    - CVE-2013-1997
  * SECURITY UPDATE: denial of service and possible code execution via
    stack overflow from recursive #include
    - debian/patches/CVE-2013-2004.patch: set limit on depth.
    - CVE-2013-2004
  * debian/patches/001_hide_xeatdatawords.diff: Hide _XEatDataWords by
    default.
 -- Marc Deslauriers <email address hidden> Wed, 29 May 2013 16:20:21 -0400




About   -   Send Feedback to @ubuntu_updates