Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libX11 for openSUSE:Factory checked in at 2023-10-05 20:02:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libX11 (Old) and /work/SRC/openSUSE:Factory/.libX11.new.28202 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libX11" Thu Oct 5 20:02:42 2023 rev:50 rq:1115072 version:1.8.7 Changes: -------- --- /work/SRC/openSUSE:Factory/libX11/libX11.changes 2023-07-19 19:09:38.368217120 +0200 +++ /work/SRC/openSUSE:Factory/.libX11.new.28202/libX11.changes 2023-10-05 20:02:52.414107068 +0200 @@ -1,0 +2,20 @@ +Tue Oct 3 20:51:22 UTC 2023 - Stefan Dirsch <[email protected]> + +- update to 1.8.7 + This release contains fixes for the issues reported in security + advisory here: + https://lists.x.org/archives/xorg-announce/2023-October/003424.html + * fixes CVE-2023-43785 libX11: out-of-bounds memory access in + _XkbReadKeySyms() (boo#1215683) + * fixes CVE-2023-43786 libX11: stack exhaustion from infinite recursion + in PutSubImage() (boo#1215684) + * fixes CVE-2023-43787 libX11: integer overflow in XCreateImage() + leading to a heap overflow (boo#1215685) + along with: + * Fail XOpenDisplay() if server-provided default visual is invalid (!233) + * Bring XKB docs in line with actual implementation (!231, !228) + * Xutil.h: declare XEmptyRegion() and XEqualRegion() as Bool (!225) + * Assorted updates to en_US.UTF-8 compose keys (!213, !214, !215, !216, + !217, !219, !220, !222, !223, !226, !227, !229) + +------------------------------------------------------------------- Old: ---- libX11-1.8.6.tar.xz New: ---- libX11-1.8.7.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libX11.spec ++++++ --- /var/tmp/diff_new_pack.tR9xPw/_old 2023-10-05 20:02:53.770156057 +0200 +++ /var/tmp/diff_new_pack.tR9xPw/_new 2023-10-05 20:02:53.774156202 +0200 @@ -17,7 +17,7 @@ Name: libX11 -Version: 1.8.6 +Version: 1.8.7 Release: 0 Summary: Core X11 protocol client library License: MIT ++++++ libX11-1.8.6.tar.xz -> libX11-1.8.7.tar.xz ++++++ ++++ 6284 lines of diff (skipped)
