[Bug 1655252] Re: Sync libxi 2:1.7.8-2 (main) from Debian unstable (main)

Tue, 10 Jan 2017 05:21:04 -0800 

This bug was fixed in the package libxi - 2:1.7.8-2

---------------
libxi (2:1.7.8-2) unstable; urgency=medium

  * Cherry-pick upstream commit 557b6079, don't free an uninitialized
    buffer. Closes: #849026.

 -- Emilio Pozuelo Monfort <[email protected]>  Thu, 29 Dec 2016 11:22:29
+0100

libxi (2:1.7.8-1) unstable; urgency=medium

  [ Andreas Boll ]
  * New upstream release.
    - Fixes CVE-2016-7945 and CVE-2016-7946 (Closes: #840440).
  * Update d/upstream/signing-key.asc with Matthieu Herrb's key.
  * Update a bunch of URLs in packaging to https.
  * Bump Standards-Version to 3.9.8, no changes needed.

  [ Emilio Pozuelo Monfort ]
  * Acknowledge 2:1.7.6-1.1 NMU.
  * Cherry-pick upstream commit 7ac03c6c to plug a memory leak in the
    security fix.
  * Cherry-pick upstream commit 4c5c8d62, check a buffer was allocated
    before writing to it.
  * Bump debhelper compat to 10.
    + debhelper now calls dh-autoreconf automatically.
    + debhelper now enables --parallel by default.
  * Switch to -dbgsym packages.
  * debhelper passes --disable-silent-rules to configure for us.
  * Drop explicit build target. dh $@ can handle it.

 -- Emilio Pozuelo Monfort <[email protected]>  Tue, 06 Dec 2016 00:50:24
+0100

libxi (2:1.7.6-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Mark libxi-dev as Multi-Arch: same. Closes: #689068.
  * Explicitly specify documentation's anchor ids instead of generating
    non-reproducible ones during the build (Francois Gouget).

 -- Matthias Klose <[email protected]>  Thu, 03 Nov 2016 14:52:54 +0100

** Changed in: libxi (Ubuntu)
       Status: New => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-7945

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-7946

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1655252

Title:
  Sync libxi 2:1.7.8-2 (main) from Debian unstable (main)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libxi/+bug/1655252/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to