Version 1.2 of the X-Resource extension (added in xserver 1.13)
added some new requests allowing inspection of every resource for a
client, the bytes used per resource, and the PIDs of local clients.
Unfortunately the client library never saw a corresponding release, so
let's fix that.
Problems found locating distfiles:
Package modular-xorg-server: missing distfile xorg-server-1.17.4.tar.bz2
Package py-qt4: missing distfile PyQt-mac-gpl-4.11.1.tar.gz
Package xservers: missing distfile xservers-3.3.6.5.tar.bz2
Package xview-clients: missing distfile xview3.2p1-X11R6.tar.gz
Package xview-lib: missing distfile xview3.2p1-X11R6.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
This release primarily provides the fix for the recently announced
security vulnerability CVE-2013-1988, along with improved compatibility
with future automake releases.
Alan Coopersmith (5):
Replace deprecated Automake INCLUDES variable with AM_CPPFLAGS
Use _XEatDataWords to avoid overflow of rep.length shifting
integer overflow in XResQueryClients() [CVE-2013-1988 1/2]
integer overflow in XResQueryClientResources() [CVE-2013-1988 2/2]
libXres 1.0.7
1.0.6:
This minor maintenance release provides the latest set of the usual
build configuration improvements and janitorial cleanups.
1.0.5:
This minor maintenance release provides the latest set of the usual
build configuration improvements and janitorial cleanups.
This package contains the X Resource Information Extension Library
from the modular X.org project.
X-Resource is an extension that allows a client to query the X
server about its usage of various resources.
