libXpm 3.5.17 (!22) · Merge requests · xorg / lib / libXpm · GitLab

Due to an influx of spam, we have had to impose restrictions on new accounts. Please see this wiki page for instructions on how to get full permissions. Sorry for the inconvenience.

Alan Coopersmith requested to merge alanc/libxpm:release into master Oct 03, 2023

Alan Coopersmith (10):

Set close-on-exec when opening files
test: use g_pattern_spec_match_string if available
Explicitly mark non-static symbols as export or hidden
Fix CVE-2023-43788: Out of bounds read in XpmCreateXpmImageFromBuffer
test: Add test case for CVE-2023-43789 (corrupt colormap info)
Fix CVE-2023-43789: Out of bounds read on XPM with corrupted colormap
test: Add test case for CVE-2023-43786 (stack exhaustion in PutImage)
Avoid CVE-2023-43786: stack exhaustion in XPutImage()
test: Add test case for CVE-2023-43787 (integer overflow in XCreateImage)
libXpm 3.5.17

Yair Mizrahi (1):

Avoid CVE-2023-43787 (integer overflow in XCreateImage)