From mike.gabriel@das-netzwerkteam.de Tue Jun 23 15:51:25 2015 Received: (at submit) by bugs.x2go.org; 23 Jun 2015 13:51:28 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 130BF5DA85 for ; Tue, 23 Jun 2015 15:51:24 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id B525E41C3 for ; Tue, 23 Jun 2015 15:51:23 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 430333B987 for ; Tue, 23 Jun 2015 15:51:23 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YArq8kpPJj-a for ; Tue, 23 Jun 2015 15:51:23 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTPS id C9F443B95F for ; Tue, 23 Jun 2015 15:51:22 +0200 (CEST) Received: from bifrost.das-netzwerkteam.de (bifrost.das-netzwerkteam.de [178.62.101.154]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Tue, 23 Jun 2015 13:51:22 +0000 Date: Tue, 23 Jun 2015 13:51:22 +0000 Message-ID: <20150623135122.Horde.HhvXCZMzLO8AzOi0esRD8g1@mail.das-netzwerkteam.de> From: Mike Gabriel To: submit@bugs.x2go.org Subject: Xft.rgba: rgb, crash on big fonts (3.5.0.x backport reminder) User-Agent: Internet Messaging Program (IMP) H5 (6.2.2) Accept-Language: de,en Organization: DAS-NETZWERKTEAM X-Originating-IP: 178.62.101.154 X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:32.0) Gecko/20100101 Firefox/32.0 Iceweasel/32.0 Content-Type: multipart/signed; boundary="=_xcgsPmHf8p9WBwa8xJRYrg3"; protocol="application/pgp-signature"; micalg=pgp-sha1 MIME-Version: 1.0 This message is in MIME format and has been PGP signed. --=_xcgsPmHf8p9WBwa8xJRYrg3 Content-Type: text/plain; charset=UTF-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Package: nxagent Forwarded: https://github.com/ArcticaProject/nx-libs/issues/55 Severity: important This is a reminder bug for backporting fix for issue=20=20 ArcticaProject/nx-libs#55=20to 3.5.0.x of nx-libs once a fix has been=20=20 found. More=20bug tracking / info collecting for this issue happens on Github [1]. Mike [1] https://github.com/ArcticaProject/nx-libs/issues/55 --=20 DAS-NETZWERKTEAM mike=20gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.x= fb --=_xcgsPmHf8p9WBwa8xJRYrg3 Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAABAgAGBQJViWRaAAoJEJr0azAldxsxpsAP/28JKxbZmG8BhITIIAySLgzy 8rqLBKp6gg9OcTWCIeb1ONG5vMkMpTRNeuVJ83vdBzoTsC3R21hpUV4vCILH1noV ADPDm8TlFyJb1TdtY0bt5sNP2nSmw10tWNu9cHQFRyRH7JWRN8NsY1arJhrpt9sM 3lVuigKBTH1xNefDR4eNfOzy5O2aRo/xsWW2z9CsqvxHO2BXsmKUGeaeo6a5wKcA PSTvCjSkomnkVFA9UoTGUGfPJFFtl4IjrhFsqWjUyiBKRoF8Vppx8GOCXFThT1lA +A+BzkwyUZY+TDBQUshMgkZqv4FNwscMSpTpVakJUSNKmJFJHkohcQRlXWm9EcEp ECcuOEb2mYiQcxV6cJ0vXNmThLy8yeuhF33fGPpoI6oClx4hmzy8AYirrCBoDLt2 Svn3tPJRuI4jK6StTOFPMWdEUffBbj30DA4FtLKrUfWkI+LJINtsgmfCvOzdHjn1 bmYFyxlq6MiBraL+oYAQXmjuT83dNMOppmSNGAZLh/zyQ3wENvslPzdFpyn/Q3cT VrXnWWfWE9loxoDWD1dJ9H1WJbrdY7OcS9jNBwaQQPy/4QF/3so/uYmQhUrziRvm s2x91oV7C2au251QiFHFEw0PAObB0Pqj4yzITJzKr8CEExwtBf9ILFeFVibtsWT8 xF5/kXjzoceVbLING/Ja =B7qS -----END PGP SIGNATURE----- --=_xcgsPmHf8p9WBwa8xJRYrg3-- From mike.gabriel@das-netzwerkteam.de Tue Jun 23 16:17:33 2015 Received: (at 893) by bugs.x2go.org; 23 Jun 2015 14:17:34 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 6DD835DA85 for <893@bugs.x2go.org>; Tue, 23 Jun 2015 16:17:33 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id A822241E5; Tue, 23 Jun 2015 16:17:32 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 36B253B987; Tue, 23 Jun 2015 16:17:31 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2Q8sHc1GXBx3; Tue, 23 Jun 2015 16:17:31 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTPS id CB3BF3B966; Tue, 23 Jun 2015 16:17:30 +0200 (CEST) Received: from bifrost.das-netzwerkteam.de (bifrost.das-netzwerkteam.de [178.62.101.154]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Tue, 23 Jun 2015 14:17:30 +0000 Date: Tue, 23 Jun 2015 14:17:30 +0000 Message-ID: <20150623141730.Horde.92ffec9uykyFP0UUv9Uitg1@mail.das-netzwerkteam.de> From: Mike Gabriel To: 893@bugs.x2go.org Cc: stephan.diehl@opensolutions.net Subject: Re: [X2Go-Dev] Bug#893: Xft.rgba: rgb, crash on big fonts (3.5.0.x backport reminder) In-Reply-To: <20150623135122.Horde.HhvXCZMzLO8AzOi0esRD8g1@mail.das-netzwerkteam.de> User-Agent: Internet Messaging Program (IMP) H5 (6.2.2) Accept-Language: de,en Organization: DAS-NETZWERKTEAM X-Originating-IP: 178.62.101.154 X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:32.0) Gecko/20100101 Firefox/32.0 Iceweasel/32.0 Content-Type: multipart/signed; boundary="=_M3WLAWv7hQEUbjXFOtA3bg1"; protocol="application/pgp-signature"; micalg=pgp-sha1 MIME-Version: 1.0 This message is in MIME format and has been PGP signed. --=_M3WLAWv7hQEUbjXFOtA3bg1 Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Control: tags -1 patch On Di 23 Jun 2015 15:51:22 CEST, Mike Gabriel wrote: > Package: nxagent > Forwarded: https://github.com/ArcticaProject/nx-libs/issues/55 > Severity: important > > This is a reminder bug for backporting fix for issue=20=20 >=20ArcticaProject/nx-libs#55 to 3.5.0.x of nx-libs once a fix has been=20= =20 >=20found. > > More bug tracking / info collecting for this issue happens on Github [1]. > > Mike > > [1] https://github.com/ArcticaProject/nx-libs/issues/55 The issue has been fixed on the 3.6.x branch. @Mihai: please backport this "hotfix" to 3.5.0.x and ping me and=20=20 Stephan=20Diehl (Cc:ed) once it is in the nightly builds. Thanks+Greets, Mike --=20 DAS-NETZWERKTEAM mike=20gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.x= fb --=_M3WLAWv7hQEUbjXFOtA3bg1 Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAABAgAGBQJViWp6AAoJEJr0azAldxsxm9AQAIWZNq7fYTYpLwkca5JAMDXG yen612cSh/p74jXk/CQDJ6Mdog/DqmO3l444LcOgQfvRe7KzRzoKoYH4wnu0wDWW WHEZE3cKnJ/bBdsZaawU/ZMhsMKLcAseBlv+8sSdTbbXne2lAKDYRTEbCpfDoMZM p6KUSprJRjPHXfvdIcsnX+tq/4QiGO7XN2mYK6rkvkk+pKkAFSIc5zeA0Eq9lSWZ jdbJYGBFhu3qbntk073v63YiS6YTHWR335VC2QxNX7b3GhiAv7dtYs4Bt3mjKvdd 45JGpAhVT2AuSZ7bb1/vmKRt/lYj9dfjOADrQSUqasU1jowbvHWQN2+Na7nM+GE9 H6582pFhmUEtm/MqZ+McutA2eTi+fBRqlvPwr06/Cyia7GxBXo5oel/PuoXjO3EY nFxOy6jZK9UegCqXwMJkZBTsRW8LEfdteec6zVAkSM5db8IS7oXt00TLdlKkVdFW mJMF0anaRbl4yWJXNuGAlqTycSjYFnq4GcMvtFgvkpTALjVMnIHOQfVdT+WoxALj XoAaWt3umntTaOF5ssNJWzbX9kOV2gJe1yCfCpjelMcAxf1i60mstL3HNywNmz2E +l/iVRic0Ki9j+x/akALqwyDmhEhHvqajzFW98WElcD6UYfY5v6/ZXGf/rxUFa66 2wKyaTvrvHEbvLZay9D3 =cwGD -----END PGP SIGNATURE----- --=_M3WLAWv7hQEUbjXFOtA3bg1-- From x2go@ymir.das-netzwerkteam.de Tue Jun 23 20:20:16 2015 Received: (at 893) by bugs.x2go.org; 23 Jun 2015 18:20:24 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NO_RELAYS, URIBL_BLOCKED autolearn=unavailable version=3.3.2 Received: by ymir.das-netzwerkteam.de (Postfix, from userid 1005) id 5453D5DA8C; Tue, 23 Jun 2015 20:20:16 +0200 (CEST) From: Mihai Moldovan To: 893-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 893@bugs.x2go.org Subject: X2Go issue (in src:nx-libs) has been marked as pending for release Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit X-Mailer: http://snipr.com/post-receive-tag-pending Message-Id: <20150623182016.5453D5DA8C@ymir.das-netzwerkteam.de> Date: Tue, 23 Jun 2015 20:20:16 +0200 (CEST) tag #893 pending fixed #893 2:3.5.0.32 thanks Hello, X2Go issue #893 (src:nx-libs) reported by you has been fixed in X2Go Git. You can see the changelog below, and you can check the diff of the fix at: http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=64b2001 The issue will most likely be fixed in src:nx-libs (2:3.5.0.32). light+love X2Go Git Admin (on behalf of the sender of this mail) --- commit 64b2001db6469ceb29835049e04f4e7b607d8ee2 Author: Emanuele Giaquinta Date: Tue Jun 23 20:06:48 2015 +0200 nx-X11: Fix alpha premultiplication in XRenderParseColor. Fixes: #893. Due to C arithmetic conversion rules we must use an unsigned constant (or a cast) to perform the multiplication using unsigned arithmetic. Fixes ArcticaProject/nx-libs#55. Author: Emanuele Giaquinta Reviewed-by: Jeremy Huddleston v2: backport to nx-libs 3.6.x (Mike Gabriel) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 0040_nx-X11_Fix-alpha-premultiplication-in-XRenderPa.full.patch diff --git a/debian/changelog b/debian/changelog index 16a4d2a..e7e6b77 100644 --- a/debian/changelog +++ b/debian/changelog @@ -237,6 +237,14 @@ nx-libs (2:3.5.0.32-0x2go1) UNRELEASED; urgency=low Adds: - 0660_nxcomp_fix-negotiation-in-stage-10-error.full+lite.patch + [ Emanuele Giaquinta ] + * nx-X11: Fix alpha premultiplication in XRenderParseColor. + Fixes: #893. + v2: backport to nx-libs 3.6.x (Mike Gabriel) + v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) + Adds: + - 0040_nx-X11_Fix-alpha-premultiplication-in-XRenderPa.full.patch + -- X2Go Release Manager Tue, 17 Mar 2015 19:19:32 +0100 nx-libs (2:3.5.0.31-0x2go1) unstable; urgency=low From x2go@ymir.das-netzwerkteam.de Sat Jul 4 04:52:40 2015 Received: (at 893) by bugs.x2go.org; 4 Jul 2015 02:52:45 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NO_RELAYS, URIBL_BLOCKED autolearn=ham version=3.3.2 Received: by ymir.das-netzwerkteam.de (Postfix, from userid 1005) id 68F2B5DA88; Sat, 4 Jul 2015 04:52:40 +0200 (CEST) From: X2Go Release Manager To: 893-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 893@bugs.x2go.org Subject: X2Go issue (in src:nx-libs) has been marked as closed Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit Message-Id: <20150704025240.68F2B5DA88@ymir.das-netzwerkteam.de> Date: Sat, 4 Jul 2015 04:52:40 +0200 (CEST) close #893 thanks Hello, we are very hopeful that X2Go issue #893 reported by you has been resolved in the new release (2:3.5.0.32) of the X2Go source project »src:nx-libs«. You can view the complete changelog entry of src:nx-libs (2:3.5.0.32) below, and you can use the following link to view all the code changes between this and the last release of src:nx-libs. http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=fdd7f7ac5d9ef251f39e53ff6604962022287e36;hp=71589a05045ef70d5f057e3ad29a62ca0b4c989d If you feel that the issue has not been resolved satisfyingly, feel free to reopen this bug report or submit a follow-up report with further observations described based on the new released version of src:nx-libs. Thanks a lot for contributing to X2Go!!! light+love X2Go Git Admin (on behalf of the sender of this mail) --- X2Go Component: src:nx-libs Version: 2:3.5.0.32-0x2go1 Status: RELEASE Date: Sat, 04 Jul 2015 04:44:00 +0200 Fixes: 853 893 Changes: nx-libs (2:3.5.0.32-0x2go1) RELEASED; urgency=low . [ Mihai Moldovan ] * Only use the first three numbers in the full version for current_version on OS X. ld(1) on 10.6 fails otherwise. Affected: - 0420_nxcomp_use-correct-library-naming-scheme-on-OS-X.full+lite.patch - 0620_nxcompext_use-correct-library-naming-scheme-on-OS-X.full.patch - 0621_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full.patch * nx-X11: handle source pictures (those without a Drawable surface) gracefully. Adds: - 0017_nx-X11_fix-SetPictureFilter.full.patch * nx-X11: fix typo in previous patch. Affects: - 0017_nx-X11_fix-SetPictureFilter.full.patch * nx-X11: add more NULL guards to TEST and DEBUG sections of Render.c. Affects: - 0990_fix-DEBUG-and-TEST-builds.full.patch * CVE patches were previously not included in release tarballs. Rename: - 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch => 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-.full.patch - 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch => 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch - 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch => 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch - 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch => 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch - 1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch => 1005-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch => 1006-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch => 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_co.full.patch - 1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch => 1008-Don-t-crash-when-we-receive-an-FS_Error-from-th.full.patch - 1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch => 1009-CVE-2014-0210-unvalidated-lengths-when-reading-.full.patch - 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch => 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-.full.patch - 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch => 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch => 1012-CVE-2014-0211-integer-overflow-in-fs_read_exten.full.patch - 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch => 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyp.full.patch - 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch => 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch => 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch => 1018-unchecked-malloc-may-allow-unauthed-client-to-c.full.patch - 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch => 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch - 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch => 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-.full.patch - 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch => 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8.full.patch - 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch => 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-.full.patch - 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch => 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls.full.patch - 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch => 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-.full.patch - 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch => 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch - 1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch => 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch - 1027-render-check-request-size-before-reading-it-CVE-2014.patch => 1027-render-check-request-size-before-reading-it-CVE.full.patch - 1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch => 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch - 1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch => 1029-xfixes-unvalidated-length-in-SProcXFixesSelectS.full.patch - 1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch => 1030-randr-unvalidated-lengths-in-RandR-extension-sw.full.patch - 1031-glx-Be-more-paranoid-about-variable-length-requests-.patch => 1031-glx-Be-more-paranoid-about-variable-length-requ.full.patch - 1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch => 1032-glx-Be-more-strict-about-rejecting-invalid-imag.full.patch - 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch => 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer.full.patch - 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch => 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-.full.patch - 1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch => 1035-glx-Length-checking-for-GLXRender-requests-v2-C.full.patch - 1036-glx-Integer-overflow-protection-for-non-generated-re.patch => 1036-glx-Integer-overflow-protection-for-non-generat.full.patch - 1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch => 1037-glx-Top-level-length-checking-for-swapped-Vendo.full.patch - 1038-glx-Length-checking-for-non-generated-single-request.patch => 1038-glx-Length-checking-for-non-generated-single-re.full.patch - 1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch => 1039-glx-Length-checking-for-RenderLarge-requests-v2.full.patch - 1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch => 1040-glx-Pass-remaining-request-length-into-varsize-.full.patch - 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch => 1041-nx-X11-lib-font-fc-fserve.c-initialize-remainin.full.patch - 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch => 1042-Do-proper-input-validation-to-fix-for-CVE-2011-.full.patch - 1101-Coverity-844-845-846-Fix-memory-leaks.patch => 1101-Coverity-844-845-846-Fix-memory-leaks.full.patch - 1102-include-introduce-byte-counting-functions.patch => 1102-include-introduce-byte-counting-functions.full.patch - 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patch => 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input.full.patch - 1104-xkb-Check-strings-length-against-request-size.patch => 1104-xkb-Check-strings-length-against-request-size.full.patch * debian/rolltarball.sh: Cherry-picked from Arctica GH 3.6.x branch. . - Use more quotes. Fixes potential bugs, including one triggered by an unquoted hash within the command line. BASH accepts this. Other shells do not (i.e., treat everything following the hash character as a comment.) - Convert tabs to spaces for consistency. - Use more curly braces. Prevents random characters as being treated as part of a variable name. - Don't escape last newline of a multiline command. Worked out fine so far, because the next line was empty, but this can easily change... * README.keystrokes: Backported from Arctica GH 3.6.x branch. Affects: + 0320_nxagent_configurable-keystrokes.full.patch . - Copy actions documentation from the wiki. - Add documentation for branding behavior. - Remove accidentally copied Dokuwiki syntax. * debian/keystrokes.cfg: fix whitespace errors. Backported from Arctica GH 3.6.x branch. * debian/libnx-xinerama1.*: also create libXinerama symlink in libnx-xinerama1.postinst.postinst (and remove in libnx-xinerama1.postinst.prerm.) Backported from Arctica GH 3.6.x branch. * debian/libnx-xinerama1.*: move Xinerama dir back to nx-x11-common. Only delete known files. Fixes RPM build failures. Backported from Arctica GH 3.6.x branch. * nx-libs.spec: actually create libXinerama.so.1 symlink during build phase. Backported from Arctica GH 3.6.x branch. * debian/control: workaround missing dependencies of nxagent on Ubuntu for now. * debian/libnx-xinerama1.*: fix faulty logic when creating symlinks. Backported from Arctica GH 3.6.x branch. * Security Fixes: - X.Org CVE-2014-8100: v3: port to NXrender.c rather than render.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1027-render-check-request-size-before-reading-it-CVE.full.patch * Security Fixes: - X.Org CVE-2014-8100: v3: port to NXrender.c rather than render.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch * nxcomp/Misc.cpp: fix build failure introduced in a27a8aae3ca7a3f70e05152ac3d347942e11159d. Backported from Arctica GH 3.6.x branch. Affects: - 9900-dxpc-license-history.full+lite.patch * Security Fixes: - X.Org CVE-2013-4396: v2: Apply to NXdixfonts.c rather than dixfonts.c (Mike DePaulo) v3: backport v2 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch * Security Fixes: - X.Org CVE-2014-8092: v3: port to NXdispatch.c rather than dispatch.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch * Security Fixes: - X.Org CVE-2015-3418: v3: port to NXdispatch.c rather than dispatch.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1210-CVE-2015-3418-dix-Allow-zero-height-PutImage-re.full.patch * Security Fixes: - X.Org CVE-2014-8099: v3: port to NXxvdisp.c rather than xvdisp.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch . [ Bernard Cafarelli ] * nx-X11: link to libdl to fix undefined references to 'dlopen' and 'dlsym'. Fixes: #853. v2: generally link to libdl in all of nx-X11. (Mike Gabriel) Adds: - 0630_nx-X11_fix-underlinking-dlopen-dlsym.full.patch . [ Mike Gabriel ] * Security Fixes: - X.Org CVE-2013-7439: 1200-CVE-2013-7439-MakeBigReq-don-t-move-the-last-wo.full.patch * nx-X11: Prevent underlinking by linking to libNX_X{11,damage,fixes). Adds: - 0640_nx-X11_fix-underlinking-libNX_Xcomposite_damage_fixes.full.patch * nxcompshad: Prevent underlinking by linking to libNX_Xext. Adds: - 0650_nxcompshad_link-to-NX_Xext.full.patch * Security Fixes: - X.Org CVE-2015-3418: 1210-CVE-2015-3418-dix-Allow-zero-height-PutImage-re.full.patch * debian/roll-tarball.sh: + Make sure *.keyboard, debian/**, nx-libs.spec, .pc/** don't end up in tarball (special focus on the nx-libs-lite tarball). + Allow patch files names having a dash next to the four digits (i.e., 1234-.). + Support tarring up the HEAD of the current branch. * debian/COPYING.full+lite: + Replace content with GPL-2 license text, because that is the overall (i.e., strictest) license we have to deal with in nx-libs. * Add 9900-dxpc-license-history.full+lite.patch. Document license history of DXPC (where nxcomp got forked from). Backported from Arctica GH 3.6.x branch. * nxcomp/README.on-retroactive-DXPC-license: Some layout and interpunctuation fixes. Backported from Arctica GH 3.6.x branch. Affects: - 9900-dxpc-license-history.full+lite.patch . [ Nito Martinez ] * nxcomp: fix DEBUG, TEST, DUMP, FLUSH, TOKEN, PING, MIXED et al builds. Adds: - 0992_fix-DEBUG-TEST-DUMP-FLUSH-TOKEN-PING-et-al-builds.full+lite.patch . [ Vadim Troshchinskiy ] * nxcomp: fix "negotiation in stage 10" error. v2: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 0660_nxcomp_fix-negotiation-in-stage-10-error.full+lite.patch . [ Emanuele Giaquinta ] * nx-X11: Fix alpha premultiplication in XRenderParseColor. Fixes: #893. v2: backport to nx-libs 3.6.x (Mike Gabriel) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 0040_nx-X11_Fix-alpha-premultiplication-in-XRenderPa.full.patch . [ Michael DePaulo ] * {nx-X11,nxproxy}: correct manpages: --help -> -help xorg-server does not follow the convention of using 2 dashes. Note that --help does produce the help output. However, it produces this additional output after it: Error: Aborting session with 'Unrecognized option: --help'. Session: Aborting session at 'Sun Jun 28 01:35:35 2015'. Session: Session aborted at 'Sun Jun 28 01:35:35 2015'. It also causes a return code of 1 rather than 0. Therefore, we should instruct users to call -help instead. . v2: backport to nx-libs 3.5.0.x (Mihai Moldovan) Affects: - 0009_nxagent_add-man-page.full.patch - 0009_nxproxy_add-man-page.full+lite.patch - 0209_x2goagent_add-man-page.full.patch . [ Ulrich Sibiller ] * nx-X11: Bug 51375: Xorg doesn't set status for RRGetOutputInfo Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1250_nx-X11_Bug-51375-Xorg-doesn_t-set-status-for-RR.full.patch * nx-X11: Drop a reference to user mode after create Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1251_nx-X11_Drop-a-reference-to-user-mode-after-crea.full.patch * nx-X11: Free randr crtc and output pointer arrays Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1252_nx-X11_Free-randr-crtc-and-output-pointer-array.full.patch * nx-X11: randr: check for virtual size limits before set crtc Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1253_nx-X11_randr-check-for-virtual-size-limits-befo.full.patch * nx-X11: randr: fix server crash in RRGetScreenInfo Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1254_nx-X11_randr-fix-server-crash-in-RRGetScreenInf.full.patch * nx-X11: RRModeCreate: plug memory leak of newModes if AddResource fails Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1255_nx-X11_RRModeCreate-plug-memory-leak-of-newMode.full.patch * nx-X11: ProcRRGetScreenInfo: swap configTimestamp as well Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1256_nx-X11_ProcRRGetScreenInfo-swap-configTimestamp.full.patch * nx-X11: randr: Fix REQUEST vs. REQUEST_SIZE_MATCH mismatch Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1257_nx-X11_randr-Fix-REQUEST-vs-REQUEST_SIZE_MATCH-.full.patch * nx-X11: randr: Clean up compiler warnings about unused and shadowing variables Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1258_nx-X11_randr-Clean-up-compiler-warnings-about-u.full.patch * nx-X11: Make RANDR 'set' timestamps follow client specified time. Bug 21987. Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1259_nx-X11_Make-RANDR-_set_-timestamps-follow-clien.full.patch * nx-X11: xserver: Avoid sending uninitialized padding data over the network Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1260_nx-X11_xserver-Avoid-sending-uninitialized-padd.full.patch From x2go@ymir.das-netzwerkteam.de Sat Jul 4 04:52:38 2015 Received: (at 893) by bugs.x2go.org; 4 Jul 2015 02:53:12 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NO_RELAYS, URIBL_BLOCKED autolearn=unavailable version=3.3.2 Received: by ymir.das-netzwerkteam.de (Postfix, from userid 1005) id 936FC5DA86; Sat, 4 Jul 2015 04:52:38 +0200 (CEST) From: X2Go Release Manager To: 893-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 893@bugs.x2go.org Subject: X2Go issue (in src:nx-libs) has been marked as closed Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit Message-Id: <20150704025238.936FC5DA86@ymir.das-netzwerkteam.de> Date: Sat, 4 Jul 2015 04:52:38 +0200 (CEST) close #893 thanks Hello, we are very hopeful that X2Go issue #893 reported by you has been resolved in the new release (2:3.5.0.32) of the X2Go source project »src:nx-libs«. You can view the complete changelog entry of src:nx-libs (2:3.5.0.32) below, and you can use the following link to view all the code changes between this and the last release of src:nx-libs. http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=312ecad3b06547bc7e8e858f332bab959e1a7579;hp=71589a05045ef70d5f057e3ad29a62ca0b4c989d If you feel that the issue has not been resolved satisfyingly, feel free to reopen this bug report or submit a follow-up report with further observations described based on the new released version of src:nx-libs. Thanks a lot for contributing to X2Go!!! light+love X2Go Git Admin (on behalf of the sender of this mail) --- X2Go Component: src:nx-libs Version: 2:3.5.0.32-0x2go1 Status: RELEASE Date: Sat, 04 Jul 2015 04:44:00 +0200 Fixes: 853 893 Changes: nx-libs (2:3.5.0.32-0x2go1) RELEASED; urgency=low . [ Mihai Moldovan ] * Only use the first three numbers in the full version for current_version on OS X. ld(1) on 10.6 fails otherwise. Affected: - 0420_nxcomp_use-correct-library-naming-scheme-on-OS-X.full+lite.patch - 0620_nxcompext_use-correct-library-naming-scheme-on-OS-X.full.patch - 0621_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full.patch * nx-X11: handle source pictures (those without a Drawable surface) gracefully. Adds: - 0017_nx-X11_fix-SetPictureFilter.full.patch * nx-X11: fix typo in previous patch. Affects: - 0017_nx-X11_fix-SetPictureFilter.full.patch * nx-X11: add more NULL guards to TEST and DEBUG sections of Render.c. Affects: - 0990_fix-DEBUG-and-TEST-builds.full.patch * CVE patches were previously not included in release tarballs. Rename: - 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch => 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-.full.patch - 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch => 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch - 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch => 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch - 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch => 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch - 1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch => 1005-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch => 1006-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch => 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_co.full.patch - 1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch => 1008-Don-t-crash-when-we-receive-an-FS_Error-from-th.full.patch - 1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch => 1009-CVE-2014-0210-unvalidated-lengths-when-reading-.full.patch - 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch => 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-.full.patch - 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch => 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch => 1012-CVE-2014-0211-integer-overflow-in-fs_read_exten.full.patch - 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch => 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyp.full.patch - 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch => 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch => 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch => 1018-unchecked-malloc-may-allow-unauthed-client-to-c.full.patch - 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch => 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch - 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch => 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-.full.patch - 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch => 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8.full.patch - 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch => 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-.full.patch - 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch => 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls.full.patch - 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch => 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-.full.patch - 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch => 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch - 1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch => 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch - 1027-render-check-request-size-before-reading-it-CVE-2014.patch => 1027-render-check-request-size-before-reading-it-CVE.full.patch - 1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch => 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch - 1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch => 1029-xfixes-unvalidated-length-in-SProcXFixesSelectS.full.patch - 1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch => 1030-randr-unvalidated-lengths-in-RandR-extension-sw.full.patch - 1031-glx-Be-more-paranoid-about-variable-length-requests-.patch => 1031-glx-Be-more-paranoid-about-variable-length-requ.full.patch - 1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch => 1032-glx-Be-more-strict-about-rejecting-invalid-imag.full.patch - 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch => 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer.full.patch - 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch => 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-.full.patch - 1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch => 1035-glx-Length-checking-for-GLXRender-requests-v2-C.full.patch - 1036-glx-Integer-overflow-protection-for-non-generated-re.patch => 1036-glx-Integer-overflow-protection-for-non-generat.full.patch - 1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch => 1037-glx-Top-level-length-checking-for-swapped-Vendo.full.patch - 1038-glx-Length-checking-for-non-generated-single-request.patch => 1038-glx-Length-checking-for-non-generated-single-re.full.patch - 1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch => 1039-glx-Length-checking-for-RenderLarge-requests-v2.full.patch - 1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch => 1040-glx-Pass-remaining-request-length-into-varsize-.full.patch - 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch => 1041-nx-X11-lib-font-fc-fserve.c-initialize-remainin.full.patch - 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch => 1042-Do-proper-input-validation-to-fix-for-CVE-2011-.full.patch - 1101-Coverity-844-845-846-Fix-memory-leaks.patch => 1101-Coverity-844-845-846-Fix-memory-leaks.full.patch - 1102-include-introduce-byte-counting-functions.patch => 1102-include-introduce-byte-counting-functions.full.patch - 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patch => 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input.full.patch - 1104-xkb-Check-strings-length-against-request-size.patch => 1104-xkb-Check-strings-length-against-request-size.full.patch * debian/rolltarball.sh: Cherry-picked from Arctica GH 3.6.x branch. . - Use more quotes. Fixes potential bugs, including one triggered by an unquoted hash within the command line. BASH accepts this. Other shells do not (i.e., treat everything following the hash character as a comment.) - Convert tabs to spaces for consistency. - Use more curly braces. Prevents random characters as being treated as part of a variable name. - Don't escape last newline of a multiline command. Worked out fine so far, because the next line was empty, but this can easily change... * README.keystrokes: Backported from Arctica GH 3.6.x branch. Affects: + 0320_nxagent_configurable-keystrokes.full.patch . - Copy actions documentation from the wiki. - Add documentation for branding behavior. - Remove accidentally copied Dokuwiki syntax. * debian/keystrokes.cfg: fix whitespace errors. Backported from Arctica GH 3.6.x branch. * debian/libnx-xinerama1.*: also create libXinerama symlink in libnx-xinerama1.postinst.postinst (and remove in libnx-xinerama1.postinst.prerm.) Backported from Arctica GH 3.6.x branch. * debian/libnx-xinerama1.*: move Xinerama dir back to nx-x11-common. Only delete known files. Fixes RPM build failures. Backported from Arctica GH 3.6.x branch. * nx-libs.spec: actually create libXinerama.so.1 symlink during build phase. Backported from Arctica GH 3.6.x branch. * debian/control: workaround missing dependencies of nxagent on Ubuntu for now. * debian/libnx-xinerama1.*: fix faulty logic when creating symlinks. Backported from Arctica GH 3.6.x branch. * Security Fixes: - X.Org CVE-2014-8100: v3: port to NXrender.c rather than render.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1027-render-check-request-size-before-reading-it-CVE.full.patch * Security Fixes: - X.Org CVE-2014-8100: v3: port to NXrender.c rather than render.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch * nxcomp/Misc.cpp: fix build failure introduced in a27a8aae3ca7a3f70e05152ac3d347942e11159d. Backported from Arctica GH 3.6.x branch. Affects: - 9900-dxpc-license-history.full+lite.patch * Security Fixes: - X.Org CVE-2013-4396: v2: Apply to NXdixfonts.c rather than dixfonts.c (Mike DePaulo) v3: backport v2 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch * Security Fixes: - X.Org CVE-2014-8092: v3: port to NXdispatch.c rather than dispatch.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch * Security Fixes: - X.Org CVE-2015-3418: v3: port to NXdispatch.c rather than dispatch.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1210-CVE-2015-3418-dix-Allow-zero-height-PutImage-re.full.patch * Security Fixes: - X.Org CVE-2014-8099: v3: port to NXxvdisp.c rather than xvdisp.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch . [ Bernard Cafarelli ] * nx-X11: link to libdl to fix undefined references to 'dlopen' and 'dlsym'. Fixes: #853. v2: generally link to libdl in all of nx-X11. (Mike Gabriel) Adds: - 0630_nx-X11_fix-underlinking-dlopen-dlsym.full.patch . [ Mike Gabriel ] * Security Fixes: - X.Org CVE-2013-7439: 1200-CVE-2013-7439-MakeBigReq-don-t-move-the-last-wo.full.patch * nx-X11: Prevent underlinking by linking to libNX_X{11,damage,fixes). Adds: - 0640_nx-X11_fix-underlinking-libNX_Xcomposite_damage_fixes.full.patch * nxcompshad: Prevent underlinking by linking to libNX_Xext. Adds: - 0650_nxcompshad_link-to-NX_Xext.full.patch * Security Fixes: - X.Org CVE-2015-3418: 1210-CVE-2015-3418-dix-Allow-zero-height-PutImage-re.full.patch * debian/roll-tarball.sh: + Make sure *.keyboard, debian/**, nx-libs.spec, .pc/** don't end up in tarball (special focus on the nx-libs-lite tarball). + Allow patch files names having a dash next to the four digits (i.e., 1234-.). + Support tarring up the HEAD of the current branch. * debian/COPYING.full+lite: + Replace content with GPL-2 license text, because that is the overall (i.e., strictest) license we have to deal with in nx-libs. * Add 9900-dxpc-license-history.full+lite.patch. Document license history of DXPC (where nxcomp got forked from). Backported from Arctica GH 3.6.x branch. * nxcomp/README.on-retroactive-DXPC-license: Some layout and interpunctuation fixes. Backported from Arctica GH 3.6.x branch. Affects: - 9900-dxpc-license-history.full+lite.patch . [ Nito Martinez ] * nxcomp: fix DEBUG, TEST, DUMP, FLUSH, TOKEN, PING, MIXED et al builds. Adds: - 0992_fix-DEBUG-TEST-DUMP-FLUSH-TOKEN-PING-et-al-builds.full+lite.patch . [ Vadim Troshchinskiy ] * nxcomp: fix "negotiation in stage 10" error. v2: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 0660_nxcomp_fix-negotiation-in-stage-10-error.full+lite.patch . [ Emanuele Giaquinta ] * nx-X11: Fix alpha premultiplication in XRenderParseColor. Fixes: #893. v2: backport to nx-libs 3.6.x (Mike Gabriel) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 0040_nx-X11_Fix-alpha-premultiplication-in-XRenderPa.full.patch . [ Michael DePaulo ] * {nx-X11,nxproxy}: correct manpages: --help -> -help xorg-server does not follow the convention of using 2 dashes. Note that --help does produce the help output. However, it produces this additional output after it: Error: Aborting session with 'Unrecognized option: --help'. Session: Aborting session at 'Sun Jun 28 01:35:35 2015'. Session: Session aborted at 'Sun Jun 28 01:35:35 2015'. It also causes a return code of 1 rather than 0. Therefore, we should instruct users to call -help instead. . v2: backport to nx-libs 3.5.0.x (Mihai Moldovan) Affects: - 0009_nxagent_add-man-page.full.patch - 0009_nxproxy_add-man-page.full+lite.patch - 0209_x2goagent_add-man-page.full.patch . [ Ulrich Sibiller ] * nx-X11: Bug 51375: Xorg doesn't set status for RRGetOutputInfo Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1250_nx-X11_Bug-51375-Xorg-doesn_t-set-status-for-RR.full.patch * nx-X11: Drop a reference to user mode after create Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1251_nx-X11_Drop-a-reference-to-user-mode-after-crea.full.patch * nx-X11: Free randr crtc and output pointer arrays Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1252_nx-X11_Free-randr-crtc-and-output-pointer-array.full.patch * nx-X11: randr: check for virtual size limits before set crtc Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1253_nx-X11_randr-check-for-virtual-size-limits-befo.full.patch * nx-X11: randr: fix server crash in RRGetScreenInfo Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1254_nx-X11_randr-fix-server-crash-in-RRGetScreenInf.full.patch * nx-X11: RRModeCreate: plug memory leak of newModes if AddResource fails Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1255_nx-X11_RRModeCreate-plug-memory-leak-of-newMode.full.patch * nx-X11: ProcRRGetScreenInfo: swap configTimestamp as well Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1256_nx-X11_ProcRRGetScreenInfo-swap-configTimestamp.full.patch * nx-X11: randr: Fix REQUEST vs. REQUEST_SIZE_MATCH mismatch Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1257_nx-X11_randr-Fix-REQUEST-vs-REQUEST_SIZE_MATCH-.full.patch * nx-X11: randr: Clean up compiler warnings about unused and shadowing variables Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1258_nx-X11_randr-Clean-up-compiler-warnings-about-u.full.patch * nx-X11: Make RANDR 'set' timestamps follow client specified time. Bug 21987. Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1259_nx-X11_Make-RANDR-_set_-timestamps-follow-clien.full.patch * nx-X11: xserver: Avoid sending uninitialized padding data over the network Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1260_nx-X11_xserver-Avoid-sending-uninitialized-padd.full.patch From unknown Fri Mar 29 02:23:33 2024 MIME-Version: 1.0 X-Mailer: MIME-tools 5.502 (Entity 5.502) X-Loop: owner@bugs.x2go.org From: owner@bugs.x2go.org (X2Go Bug Tracking System) Subject: Bug#893 closed by X2Go Release Manager (X2Go issue (in src:nx-libs) has been marked as closed) Message-ID: References: <20150704025238.936FC5DA86@ymir.das-netzwerkteam.de> X-X2go-PR-Keywords: pending patch X-X2go-PR-Message: they-closed 893 X-X2go-PR-Package: nxagent X-X2go-PR-Source: nx-libs Date: Sat, 04 Jul 2015 02:55:07 +0000 Content-Type: multipart/mixed; boundary="----------=_1435978507-31146-0" This is a multi-part message in MIME format... ------------=_1435978507-31146-0 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 This is an automatic notification regarding your Bug report which was filed against the nxagent package: #893: Xft.rgba: rgb, crash on big fonts (3.5.0.x backport reminder) It has been closed by X2Go Release Manager . Their explanation is attached below along with your original report. If this explanation is unsatisfactory and you have not received a better one in a separate message then please contact X2Go Release Manager <= git-admin@x2go.org> by replying to this email. --=20 X2Go Bug Tracking System Contact owner@bugs.x2go.org with problems ------------=_1435978507-31146-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at control) by bugs.x2go.org; 4 Jul 2015 02:53:06 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NO_RELAYS, URIBL_BLOCKED autolearn=ham version=3.3.2 Received: by ymir.das-netzwerkteam.de (Postfix, from userid 1005) id 936FC5DA86; Sat, 4 Jul 2015 04:52:38 +0200 (CEST) From: X2Go Release Manager To: 893-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 893@bugs.x2go.org Subject: X2Go issue (in src:nx-libs) has been marked as closed Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit Message-Id: <20150704025238.936FC5DA86@ymir.das-netzwerkteam.de> Date: Sat, 4 Jul 2015 04:52:38 +0200 (CEST) close #893 thanks Hello, we are very hopeful that X2Go issue #893 reported by you has been resolved in the new release (2:3.5.0.32) of the X2Go source project »src:nx-libs«. You can view the complete changelog entry of src:nx-libs (2:3.5.0.32) below, and you can use the following link to view all the code changes between this and the last release of src:nx-libs. http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=312ecad3b06547bc7e8e858f332bab959e1a7579;hp=71589a05045ef70d5f057e3ad29a62ca0b4c989d If you feel that the issue has not been resolved satisfyingly, feel free to reopen this bug report or submit a follow-up report with further observations described based on the new released version of src:nx-libs. Thanks a lot for contributing to X2Go!!! light+love X2Go Git Admin (on behalf of the sender of this mail) --- X2Go Component: src:nx-libs Version: 2:3.5.0.32-0x2go1 Status: RELEASE Date: Sat, 04 Jul 2015 04:44:00 +0200 Fixes: 853 893 Changes: nx-libs (2:3.5.0.32-0x2go1) RELEASED; urgency=low . [ Mihai Moldovan ] * Only use the first three numbers in the full version for current_version on OS X. ld(1) on 10.6 fails otherwise. Affected: - 0420_nxcomp_use-correct-library-naming-scheme-on-OS-X.full+lite.patch - 0620_nxcompext_use-correct-library-naming-scheme-on-OS-X.full.patch - 0621_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full.patch * nx-X11: handle source pictures (those without a Drawable surface) gracefully. Adds: - 0017_nx-X11_fix-SetPictureFilter.full.patch * nx-X11: fix typo in previous patch. Affects: - 0017_nx-X11_fix-SetPictureFilter.full.patch * nx-X11: add more NULL guards to TEST and DEBUG sections of Render.c. Affects: - 0990_fix-DEBUG-and-TEST-builds.full.patch * CVE patches were previously not included in release tarballs. Rename: - 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch => 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-.full.patch - 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch => 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch - 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch => 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch - 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch => 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch - 1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch => 1005-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch => 1006-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch => 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_co.full.patch - 1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch => 1008-Don-t-crash-when-we-receive-an-FS_Error-from-th.full.patch - 1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch => 1009-CVE-2014-0210-unvalidated-lengths-when-reading-.full.patch - 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch => 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-.full.patch - 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch => 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch => 1012-CVE-2014-0211-integer-overflow-in-fs_read_exten.full.patch - 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch => 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyp.full.patch - 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch => 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch => 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch => 1018-unchecked-malloc-may-allow-unauthed-client-to-c.full.patch - 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch => 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch - 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch => 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-.full.patch - 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch => 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8.full.patch - 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch => 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-.full.patch - 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch => 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls.full.patch - 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch => 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-.full.patch - 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch => 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch - 1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch => 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch - 1027-render-check-request-size-before-reading-it-CVE-2014.patch => 1027-render-check-request-size-before-reading-it-CVE.full.patch - 1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch => 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch - 1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch => 1029-xfixes-unvalidated-length-in-SProcXFixesSelectS.full.patch - 1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch => 1030-randr-unvalidated-lengths-in-RandR-extension-sw.full.patch - 1031-glx-Be-more-paranoid-about-variable-length-requests-.patch => 1031-glx-Be-more-paranoid-about-variable-length-requ.full.patch - 1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch => 1032-glx-Be-more-strict-about-rejecting-invalid-imag.full.patch - 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch => 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer.full.patch - 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch => 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-.full.patch - 1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch => 1035-glx-Length-checking-for-GLXRender-requests-v2-C.full.patch - 1036-glx-Integer-overflow-protection-for-non-generated-re.patch => 1036-glx-Integer-overflow-protection-for-non-generat.full.patch - 1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch => 1037-glx-Top-level-length-checking-for-swapped-Vendo.full.patch - 1038-glx-Length-checking-for-non-generated-single-request.patch => 1038-glx-Length-checking-for-non-generated-single-re.full.patch - 1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch => 1039-glx-Length-checking-for-RenderLarge-requests-v2.full.patch - 1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch => 1040-glx-Pass-remaining-request-length-into-varsize-.full.patch - 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch => 1041-nx-X11-lib-font-fc-fserve.c-initialize-remainin.full.patch - 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch => 1042-Do-proper-input-validation-to-fix-for-CVE-2011-.full.patch - 1101-Coverity-844-845-846-Fix-memory-leaks.patch => 1101-Coverity-844-845-846-Fix-memory-leaks.full.patch - 1102-include-introduce-byte-counting-functions.patch => 1102-include-introduce-byte-counting-functions.full.patch - 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patch => 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input.full.patch - 1104-xkb-Check-strings-length-against-request-size.patch => 1104-xkb-Check-strings-length-against-request-size.full.patch * debian/rolltarball.sh: Cherry-picked from Arctica GH 3.6.x branch. . - Use more quotes. Fixes potential bugs, including one triggered by an unquoted hash within the command line. BASH accepts this. Other shells do not (i.e., treat everything following the hash character as a comment.) - Convert tabs to spaces for consistency. - Use more curly braces. Prevents random characters as being treated as part of a variable name. - Don't escape last newline of a multiline command. Worked out fine so far, because the next line was empty, but this can easily change... * README.keystrokes: Backported from Arctica GH 3.6.x branch. Affects: + 0320_nxagent_configurable-keystrokes.full.patch . - Copy actions documentation from the wiki. - Add documentation for branding behavior. - Remove accidentally copied Dokuwiki syntax. * debian/keystrokes.cfg: fix whitespace errors. Backported from Arctica GH 3.6.x branch. * debian/libnx-xinerama1.*: also create libXinerama symlink in libnx-xinerama1.postinst.postinst (and remove in libnx-xinerama1.postinst.prerm.) Backported from Arctica GH 3.6.x branch. * debian/libnx-xinerama1.*: move Xinerama dir back to nx-x11-common. Only delete known files. Fixes RPM build failures. Backported from Arctica GH 3.6.x branch. * nx-libs.spec: actually create libXinerama.so.1 symlink during build phase. Backported from Arctica GH 3.6.x branch. * debian/control: workaround missing dependencies of nxagent on Ubuntu for now. * debian/libnx-xinerama1.*: fix faulty logic when creating symlinks. Backported from Arctica GH 3.6.x branch. * Security Fixes: - X.Org CVE-2014-8100: v3: port to NXrender.c rather than render.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1027-render-check-request-size-before-reading-it-CVE.full.patch * Security Fixes: - X.Org CVE-2014-8100: v3: port to NXrender.c rather than render.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch * nxcomp/Misc.cpp: fix build failure introduced in a27a8aae3ca7a3f70e05152ac3d347942e11159d. Backported from Arctica GH 3.6.x branch. Affects: - 9900-dxpc-license-history.full+lite.patch * Security Fixes: - X.Org CVE-2013-4396: v2: Apply to NXdixfonts.c rather than dixfonts.c (Mike DePaulo) v3: backport v2 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch * Security Fixes: - X.Org CVE-2014-8092: v3: port to NXdispatch.c rather than dispatch.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch * Security Fixes: - X.Org CVE-2015-3418: v3: port to NXdispatch.c rather than dispatch.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1210-CVE-2015-3418-dix-Allow-zero-height-PutImage-re.full.patch * Security Fixes: - X.Org CVE-2014-8099: v3: port to NXxvdisp.c rather than xvdisp.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch . [ Bernard Cafarelli ] * nx-X11: link to libdl to fix undefined references to 'dlopen' and 'dlsym'. Fixes: #853. v2: generally link to libdl in all of nx-X11. (Mike Gabriel) Adds: - 0630_nx-X11_fix-underlinking-dlopen-dlsym.full.patch . [ Mike Gabriel ] * Security Fixes: - X.Org CVE-2013-7439: 1200-CVE-2013-7439-MakeBigReq-don-t-move-the-last-wo.full.patch * nx-X11: Prevent underlinking by linking to libNX_X{11,damage,fixes). Adds: - 0640_nx-X11_fix-underlinking-libNX_Xcomposite_damage_fixes.full.patch * nxcompshad: Prevent underlinking by linking to libNX_Xext. Adds: - 0650_nxcompshad_link-to-NX_Xext.full.patch * Security Fixes: - X.Org CVE-2015-3418: 1210-CVE-2015-3418-dix-Allow-zero-height-PutImage-re.full.patch * debian/roll-tarball.sh: + Make sure *.keyboard, debian/**, nx-libs.spec, .pc/** don't end up in tarball (special focus on the nx-libs-lite tarball). + Allow patch files names having a dash next to the four digits (i.e., 1234-.). + Support tarring up the HEAD of the current branch. * debian/COPYING.full+lite: + Replace content with GPL-2 license text, because that is the overall (i.e., strictest) license we have to deal with in nx-libs. * Add 9900-dxpc-license-history.full+lite.patch. Document license history of DXPC (where nxcomp got forked from). Backported from Arctica GH 3.6.x branch. * nxcomp/README.on-retroactive-DXPC-license: Some layout and interpunctuation fixes. Backported from Arctica GH 3.6.x branch. Affects: - 9900-dxpc-license-history.full+lite.patch . [ Nito Martinez ] * nxcomp: fix DEBUG, TEST, DUMP, FLUSH, TOKEN, PING, MIXED et al builds. Adds: - 0992_fix-DEBUG-TEST-DUMP-FLUSH-TOKEN-PING-et-al-builds.full+lite.patch . [ Vadim Troshchinskiy ] * nxcomp: fix "negotiation in stage 10" error. v2: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 0660_nxcomp_fix-negotiation-in-stage-10-error.full+lite.patch . [ Emanuele Giaquinta ] * nx-X11: Fix alpha premultiplication in XRenderParseColor. Fixes: #893. v2: backport to nx-libs 3.6.x (Mike Gabriel) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 0040_nx-X11_Fix-alpha-premultiplication-in-XRenderPa.full.patch . [ Michael DePaulo ] * {nx-X11,nxproxy}: correct manpages: --help -> -help xorg-server does not follow the convention of using 2 dashes. Note that --help does produce the help output. However, it produces this additional output after it: Error: Aborting session with 'Unrecognized option: --help'. Session: Aborting session at 'Sun Jun 28 01:35:35 2015'. Session: Session aborted at 'Sun Jun 28 01:35:35 2015'. It also causes a return code of 1 rather than 0. Therefore, we should instruct users to call -help instead. . v2: backport to nx-libs 3.5.0.x (Mihai Moldovan) Affects: - 0009_nxagent_add-man-page.full.patch - 0009_nxproxy_add-man-page.full+lite.patch - 0209_x2goagent_add-man-page.full.patch . [ Ulrich Sibiller ] * nx-X11: Bug 51375: Xorg doesn't set status for RRGetOutputInfo Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1250_nx-X11_Bug-51375-Xorg-doesn_t-set-status-for-RR.full.patch * nx-X11: Drop a reference to user mode after create Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1251_nx-X11_Drop-a-reference-to-user-mode-after-crea.full.patch * nx-X11: Free randr crtc and output pointer arrays Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1252_nx-X11_Free-randr-crtc-and-output-pointer-array.full.patch * nx-X11: randr: check for virtual size limits before set crtc Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1253_nx-X11_randr-check-for-virtual-size-limits-befo.full.patch * nx-X11: randr: fix server crash in RRGetScreenInfo Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1254_nx-X11_randr-fix-server-crash-in-RRGetScreenInf.full.patch * nx-X11: RRModeCreate: plug memory leak of newModes if AddResource fails Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1255_nx-X11_RRModeCreate-plug-memory-leak-of-newMode.full.patch * nx-X11: ProcRRGetScreenInfo: swap configTimestamp as well Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1256_nx-X11_ProcRRGetScreenInfo-swap-configTimestamp.full.patch * nx-X11: randr: Fix REQUEST vs. REQUEST_SIZE_MATCH mismatch Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1257_nx-X11_randr-Fix-REQUEST-vs-REQUEST_SIZE_MATCH-.full.patch * nx-X11: randr: Clean up compiler warnings about unused and shadowing variables Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1258_nx-X11_randr-Clean-up-compiler-warnings-about-u.full.patch * nx-X11: Make RANDR 'set' timestamps follow client specified time. Bug 21987. Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1259_nx-X11_Make-RANDR-_set_-timestamps-follow-clien.full.patch * nx-X11: xserver: Avoid sending uninitialized padding data over the network Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1260_nx-X11_xserver-Avoid-sending-uninitialized-padd.full.patch ------------=_1435978507-31146-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by bugs.x2go.org; 23 Jun 2015 13:51:28 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 130BF5DA85 for ; Tue, 23 Jun 2015 15:51:24 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id B525E41C3 for ; Tue, 23 Jun 2015 15:51:23 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 430333B987 for ; Tue, 23 Jun 2015 15:51:23 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YArq8kpPJj-a for ; Tue, 23 Jun 2015 15:51:23 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTPS id C9F443B95F for ; Tue, 23 Jun 2015 15:51:22 +0200 (CEST) Received: from bifrost.das-netzwerkteam.de (bifrost.das-netzwerkteam.de [178.62.101.154]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Tue, 23 Jun 2015 13:51:22 +0000 Date: Tue, 23 Jun 2015 13:51:22 +0000 Message-ID: <20150623135122.Horde.HhvXCZMzLO8AzOi0esRD8g1@mail.das-netzwerkteam.de> From: Mike Gabriel To: submit@bugs.x2go.org Subject: Xft.rgba: rgb, crash on big fonts (3.5.0.x backport reminder) User-Agent: Internet Messaging Program (IMP) H5 (6.2.2) Accept-Language: de,en Organization: DAS-NETZWERKTEAM X-Originating-IP: 178.62.101.154 X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:32.0) Gecko/20100101 Firefox/32.0 Iceweasel/32.0 Content-Type: multipart/signed; boundary="=_xcgsPmHf8p9WBwa8xJRYrg3"; protocol="application/pgp-signature"; micalg=pgp-sha1 MIME-Version: 1.0 This message is in MIME format and has been PGP signed. --=_xcgsPmHf8p9WBwa8xJRYrg3 Content-Type: text/plain; charset=UTF-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Package: nxagent Forwarded: https://github.com/ArcticaProject/nx-libs/issues/55 Severity: important This is a reminder bug for backporting fix for issue=20=20 ArcticaProject/nx-libs#55=20to 3.5.0.x of nx-libs once a fix has been=20=20 found. More=20bug tracking / info collecting for this issue happens on Github [1]. Mike [1] https://github.com/ArcticaProject/nx-libs/issues/55 --=20 DAS-NETZWERKTEAM mike=20gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.x= fb --=_xcgsPmHf8p9WBwa8xJRYrg3 Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAABAgAGBQJViWRaAAoJEJr0azAldxsxpsAP/28JKxbZmG8BhITIIAySLgzy 8rqLBKp6gg9OcTWCIeb1ONG5vMkMpTRNeuVJ83vdBzoTsC3R21hpUV4vCILH1noV ADPDm8TlFyJb1TdtY0bt5sNP2nSmw10tWNu9cHQFRyRH7JWRN8NsY1arJhrpt9sM 3lVuigKBTH1xNefDR4eNfOzy5O2aRo/xsWW2z9CsqvxHO2BXsmKUGeaeo6a5wKcA PSTvCjSkomnkVFA9UoTGUGfPJFFtl4IjrhFsqWjUyiBKRoF8Vppx8GOCXFThT1lA +A+BzkwyUZY+TDBQUshMgkZqv4FNwscMSpTpVakJUSNKmJFJHkohcQRlXWm9EcEp ECcuOEb2mYiQcxV6cJ0vXNmThLy8yeuhF33fGPpoI6oClx4hmzy8AYirrCBoDLt2 Svn3tPJRuI4jK6StTOFPMWdEUffBbj30DA4FtLKrUfWkI+LJINtsgmfCvOzdHjn1 bmYFyxlq6MiBraL+oYAQXmjuT83dNMOppmSNGAZLh/zyQ3wENvslPzdFpyn/Q3cT VrXnWWfWE9loxoDWD1dJ9H1WJbrdY7OcS9jNBwaQQPy/4QF/3so/uYmQhUrziRvm s2x91oV7C2au251QiFHFEw0PAObB0Pqj4yzITJzKr8CEExwtBf9ILFeFVibtsWT8 xF5/kXjzoceVbLING/Ja =B7qS -----END PGP SIGNATURE----- --=_xcgsPmHf8p9WBwa8xJRYrg3-- ------------=_1435978507-31146-0-- From unknown Fri Mar 29 02:23:33 2024 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@bugs.x2go.org From: Debbugs Internal Request Subject: Internal Control Message-Id: Bug archived. Date: Sa, 01 Aug 2015 05:24:01 +0000 User-Agent: Fakemail v42.6.9 # A New Hope # A long time ago, in a galaxy far, far away # something happened. # # Magically this resulted in the following # action being taken, but this fake control # message doesn't tell you why it happened # # The action: # Bug archived. thanks # This fakemail brought to you by your local debbugs # administrator