Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -1 articles for you...
202
security advisoryimportantfont parsingopenSUSE 42.3: 2019:1439-1 Important: Java RMI and File Issues
An update that fixes 7 vulnerabilities is now available.. openSUSE Security Update: Security update for java-1_8_0-openjdk ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1439-1 Rating: important References: #1122293 #1122299 #1132728 #1132729 #1132732 #1133135 Cross-References: CVE-2018-11212 CVE-2018-3639 CVE-2019-2422 CVE-2019-2426 CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for java-1_8_0-openjdk to version 8u212 fixes the following issues: Security issues fixed: - CVE-2019-2602: Better String parsing (bsc#1132728). - CVE-2019-2684: More dynamic RMI interactions (bsc#1132732). - CVE-2019-2698: Fuzzing TrueType fonts - setCurrGlyphID() (bsc#1132729). - CVE-2019-2422: Better FileChannel (bsc#1122293). - CVE-2018-11212: Improve JPEG (bsc#1122299). Non-Security issue fixed: - Disable LTO (bsc#1133135). - Added Japanese new era name. This update was imported from the SUSE:SLE-12-SP1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2019-1439=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): java-1_8_0-openjdk-1.8.0.212-34.1 java-1_8_0-openjdk-accessibility-1.8.0.212-34.1 java-1_8_0-openjdk-debuginfo-1.8.0.212-34.1 java-1_8_0-openjdk-debugsource-1.8.0.212-34.1 java-1_8_0-openjdk-demo-1.8.0.212-34.1 java-1_8_0-openjdk-demo-debuginfo-1.8.0.212-34.1 java-1_8_0-openjdk-devel-1.8.0.212-34.1 java-1_8_0-openjdk-devel-debuginfo-1.8.0.212-34.1 java-1_8_0-openjdk-headless-1.8.0.212-34.1 java-1_8_0-openjdk-headless-debuginfo-1.8.0.212-34.1 java-1_8_0-openjdk-src-1.8.0.212-34.1 - openSUSE Leap 42.3 (noarch): java-1_8_0-openjdk-javadoc-1.8.0.212-34.1 References: https://www.suse.com/security/cve/CVE-2018-11212.html https://www.suse.com/security/cve/CVE-2018-3639.html https://www.suse.com/security/cve/CVE-2019-2422.html https://www.suse.com/security/cve/CVE-2019-2426.html https://www.suse.com/security/cve/CVE-2019-2602.html https://www.suse.com/security/cve/CVE-2019-2684.html https://www.suse.com/security/cve/CVE-2019-2698.html https://bugzilla.suse.com/1122293 https://bugzilla.suse.com/1122299 https://bugzilla.suse.com/1132728 https://bugzilla.suse.com/1132729 https://bugzilla.suse.com/1132732 https://bugzilla.suse.com/1133135 -- . Essential patch released for java-1_8_0-openjdk addressing vulnerabilities in openSUSE. Update your system immediately!. openSUSE Security Update, Java Security Fix, RMI Interaction, OpenJDK Important Update. . Severity: Important. LinuxSecurity.com Team
May 23, 2019
•Important
OpenSUSE
89
security advisoryFedoracritical fixFedora 22: FEDORA-2015-16314 Critical: ICU Font Parsing and Regexp Issues
Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926 CVE-2014-9654. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-16314 2015-10-13 12:51:16.882949 -------------------------------------------------------------------------------- Name : icu Product : Fedora 22 Version : 54.1 Release : 4.fc22 URL : https://icu-project.org/ Summary : International Components for Unicode Description : Tools and utilities for developing with icu. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926 CVE-2014-9654 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1183645 - CVE-2014-6585 ICU: font parsing OOB read (OpenJDK 2D, 8055489) https://bugzilla.redhat.com/show_bug.cgi?id=1183645 [ 2 ] Bug #1183646 - CVE-2014-6591 ICU: font parsing OOB read (OpenJDK 2D, 8056276) https://bugzilla.redhat.com/show_bug.cgi?id=1183646 [ 3 ] Bug #1185202 - CVE-2014-7923 ICU: regexp engine missing look-behind expression range check https://bugzilla.redhat.com/show_bug.cgi?id=1185202 [ 4 ] Bug #1185205 - CVE-2014-7926 ICU: regexp engine incorrect handling of a zero length quantifier https://bugzilla.redhat.com/show_bug.cgi?id=1185205 [ 5 ] Bug #1190129 - CVE-2014-9654 icu: insufficient size limit checks in regular expression compiler https://bugzilla.redhat.com/show_bug.cgi?id=1190129 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update icu' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Oct 13, 2015
•Critical
Fedora
89
security advisorymoderatefedoraFedora 23 FEDORA-2015-16315 Moderate ICU Security Patch
Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926 CVE-2014-9654. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-16315 2015-09-24 05:06:55.818488 -------------------------------------------------------------------------------- Name : icu Product : Fedora 23 Version : 54.1 Release : 5.fc23 URL : https://icu-project.org/ Summary : International Components for Unicode Description : Tools and utilities for developing with icu. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926 CVE-2014-9654 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185202 - CVE-2014-7923 ICU: regexp engine missing look-behind expression range check https://bugzilla.redhat.com/show_bug.cgi?id=1185202 [ 2 ] Bug #1183645 - CVE-2014-6585 ICU: font parsing OOB read (OpenJDK 2D, 8055489) https://bugzilla.redhat.com/show_bug.cgi?id=1183645 [ 3 ] Bug #1190129 - CVE-2014-9654 icu: insufficient size limit checks in regular expression compiler https://bugzilla.redhat.com/show_bug.cgi?id=1190129 [ 4 ] Bug #1183646 - CVE-2014-6591 ICU: font parsing OOB read (OpenJDK 2D, 8056276) https://bugzilla.redhat.com/show_bug.cgi?id=1183646 [ 5 ] Bug #1185205 - CVE-2014-7926 ICU: regexp engine incorrect handling of a zero length quantifier https://bugzilla.redhat.com/show_bug.cgi?id=1185205 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update icu' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Sep 24, 2015
•Important
Fedora
89
security advisoryfedoracriticalFedora 21 ICU Update 2015-3569 Critical: Out Of Bounds Read Fix
Security fix for CVE-2014-6585, CVE-2014-6591. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-3569 2015-03-10 22:02:17 -------------------------------------------------------------------------------- Name : icu Product : Fedora 21 Version : 52.1 Release : 5.fc21 URL : https://icu-project.org/ Summary : International Components for Unicode Description : Tools and utilities for developing with icu. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2014-6585, CVE-2014-6591 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 9 2015 Eike Rathke - 52.1-5 - Resolves: rhbz#1184811 CVE-2014-6585 CVE-2014-6591 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1183645 - CVE-2014-6585 ICU: font parsing OOB read (OpenJDK 2D, 8055489) https://bugzilla.redhat.com/show_bug.cgi?id=1183645 [ 2 ] Bug #1183646 - CVE-2014-6591 ICU: font parsing OOB read (OpenJDK 2D, 8056276) https://bugzilla.redhat.com/show_bug.cgi?id=1183646 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update icu' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Apr 02, 2015
•Critical
Fedora
87
security advisorycriticalcode executionDebian: DSA-2428-1 Critical: Freetype Font Parsing Code Execution
Mateusz Jurczyk from the Google Security Team discovered several vulnerabilties in Freetype's parsing of BDF, Type1 and TrueType fonts, which could result in the execution of arbitrary code if a malformed font file is processed. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2428-1
Mar 08, 2012
•Critical
Debian
91
security advisorygentooexecution riskGentoo: GLSA-200806-10 Normal: FreeType User-Assisted Code Execution
Font parsing vulnerabilities in FreeType might lead to user-assisted execution of arbitrary code.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200806-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: FreeType: User-assisted execution of arbitrary code Date: June 23, 2008 Bugs: #225851 ID: 200806-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Font parsing vulnerabilities in FreeType might lead to user-assisted execution of arbitrary code. Background ========= FreeType is a font rendering library for TrueType Font (TTF) and Printer Font Binary (PFB). Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/freetype < 2.3.6 > = 2.3.6 Description ========== Regenrecht reported multiple vulnerabilities in FreeType via iDefense: * An integer overflow when parsing values in the Private dictionary table in a PFB file, leading to a heap-based buffer overflow (CVE-2008-1806). * An invalid free() call related to parsing an invalid "number of axes" field in a PFB file (CVE-2008-1807). * Multiple off-by-one errors when parsing PBF and TTF files, leading to heap-based buffer overflows (CVE-2008-1808). Impact ===== A remote attacker could entice a user to open a specially crafted TTF or PBF file, possibly resulting in the execution of arbitrary code with the privileges of the user running an application linked against FreeType (such as the X.org X server, running as root). Workaround ========= There is no known workaroundat this time. Resolution ========= All FreeType users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =media-libs/freetype-2.3.6" References ========= [ 1 ] CVE-2008-1806 https://www.cve.org/CVERecord?id=CVE-2008-1806 [ 2 ] CVE-2008-1807 https://www.cve.org/CVERecord?id=CVE-2008-1807 [ 3 ] CVE-2008-1808 https://www.cve.org/CVERecord?id=CVE-2008-1808 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200806-10 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to
Jun 24, 2008
Gentoo
99
security advisorycriticalslackwareSlackware 10.2 X11 Update 2006-259-01 Critical Overflow Issue
New x11 (X.Org) packages are available for Slackware 10.2, and -current to fix security issues due to overflows in font parsing. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] x11 (SSA:2006-259-01) New x11 (X.Org) packages are available for Slackware 10.2, and -current to fix security issues due to overflows in font parsing. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: https://www.cve.org/CVERecord?id=CVE-2006-3739 https://www.cve.org/CVERecord?id=CVE-2006-3740 Here are the details from the Slackware 10.2 ChangeLog: +--------------------------+ patches/packages/x11-6.8.2-i486-7_slack10.2.tgz:i Fixed an overflow in CID encoded Type1 font parsing. For further reference, see: https://www.cve.org/CVERecord?id=CVE-2006-3739 https://www.cve.org/CVERecord?id=CVE-2006-3740 (* Security fix *) patches/packages/x11-devel-6.8.2-i486-7_slack10.2.tgz: Recompiled. patches/packages/x11-xdmx-6.8.2-i486-7_slack10.2.tgz: Recompiled. patches/packages/x11-xnest-6.8.2-i486-7_slack10.2.tgz: Recompiled. patches/packages/x11-xvfb-6.8.2-i486-7_slack10.2.tgz: Recompiled. +--------------------------+ Where to find the new packages: +-----------------------------+ HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading from ftp.slackware.com. Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 10.2: Updated package for Slackware -current: MD5 signatures: +-------------+ Slackware 10.2 package: a9316c321d186c6f9550b1f29ccc1501 x11-6.8.2-i486-7_slack10.2.tgz 20d998bce33e744ffd037d8190a42c18 x11-devel-6.8.2-i486-7_slack10.2.tgz 0a3327d025d6af59f54de9ac63404c97 x11-xdmx-6.8.2-i486-7_slack10.2.tgz e236495f4e11a246b0027f6cfb5703d2 x11-xnest-6.8.2-i486-7_slack10.2.tgz 12a58e8efcdd6807b3d366fbcf9d79e4 x11-xvfb-6.8.2-i486-7_slack10.2.tgz Slackware -current package: 59bf0501ce46391197ad571c9341c105 x11-6.9.0-i486-11.tgz 14c95b5eab916883a313c34db4fdb38a x11-devel-6.9.0-i486-11.tgz 2d19e8fe89b314fe93baed7c62d0a1cb x11-xdmx-6.9.0-i486-11.tgz 54369c52653384d0ff4310b56bd67c96 x11-xnest-6.9.0-i486-11.tgz c8795b535a8c38cc4832dbbb5e4aa711 x11-xvfb-6.9.0-i486-11.tgz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg x11-6.8.2-i486-7_slack10.2.tgz x11-devel-6.8.2-i486-7_slack10.2.tgz x11-xdmx-6.8.2-i486-7_slack10.2.tgz x11-xnest-6.8.2-i486-7_slack10.2.tgz x11-xvfb-6.8.2-i486-7_slack10.2.tgz +-----+ . Latest x11 updates for Slackware 10.2 released to tackle memory vulnerabilities in font handling; all existing packages have been revised.. Slackware Security, Font Overflow, X.Org Updates, Security Fixes, X11 Packages. . Severity: Critical. LinuxSecurity.com Team
Sep 17, 2006
•Critical
Slackware
89
security advisoryfedorabuffer overflowCritical Advisory on Fedora: XFree86 Privilege Escalation Issue
Updated XFree86 packages that fix a privilege escalation vulnerability arenow available.. Fedora Update Notification FEDORA-2004-069 2004-02-13 --------------------------------------------------------------------- Name : XFree86 Version : 4.3.0 Release : 55 Summary : The basic fonts, programs and docs for an X workstation. Description : XFree86 is an open source implementation of the X Window System. It provides the basic low level functionality which full fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. --------------------------------------------------------------------- Update Information: Updated XFree86 packages that fix a privilege escalation vulnerability are now available. XFree86 is an implementation of the X Window System, providing the core graphical user interface and video drivers. iDefense discovered two buffer overflows in the parsing of the 'font.alias' file. A local attacker could exploit this vulnerability by creating a carefully-crafted file and gaining root privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2004-0083 and CAN-2004-0084 to these issues. Additionally David Dawes discovered additional flaws in reading font files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0106 to these issues. All users of XFree86 are advised to upgrade to these erratum packages, which contain a backported fix and are not vulnerable to these issues. Red Hat would like to thank David Dawes from XFree86 for the patches and notification of these issues. --------------------------------------------------------------------- * Thu Feb 12 2004 Mike A. Harris 4.3.0-55 - Added {x11datadir}/X11/xinit back to package list, which seems to have been inadvertently dropped during attempts to get package to compile on Red Hat Linux 9 s390 builds earlier this week. * Wed Feb 11 2004 Mike A. Harris 4.3.0-54 -Added XFree86-4.3.0-libXfont-security-CAN-2004-0083-CAN-2004-0084-CAN-2004-0106.patch to fix all recent security flaws in libXfont which are outlined in CAN-2004-0083, CAN-2004-0084, CAN-2004-0106, discovered by iDefense, David Dawes and others. This patch replace all previous libXfont patches from XFree86 builds 4.3.0-49 through to present. - Added XFree86-4.3.0-libXfont-security-CAN-2004-0083-CAN-2004-0084-CAN-2004-0106-v2.patch which is the same as the above patch, but modified to cleanly apply to 4.3.0, renamed to keep all patches present in src.rpm for comparative purposes. - Built 4.3.0-54 with target build_yarrow for Fedora Core 1 erratum - Built 4.3.0-54.EL with target build_taroon for Red Hat Enterprise Linux 3 erratum - Built 4.3.0-2.90.54 with target build_shrike for Red Hat Linux 9 erratum * Tue Feb 10 2004 Mike A. Harris 4.3.0-53 - Added XFree86-4.3.0-security-dirname-CAN-2004-0106.patch which replaces XFree86-4.3.0-security-fonts-alias-dirname3.patch, the new patch being the same but without the second hunk, as the patch Keith wrote for CAN-2004-0083 and CAN-2004-0084 already handled that issue so there was a conflict. - Built 4.3.0-53 with target build_yarrow for Fedora Core 1 erratum - Built 4.3.0-53.EL with target build_taroon for Red Hat Enterprise Linux 3 erratum - Built 4.3.0-2.90.53 with target build_shrike for Red Hat Linux 9 erratum * Tue Feb 10 2004 Mike A. Harris 4.3.0-52 - Added XFree86-4.3.0-security-fonts-alias-dirname3.patch in order to fix 2 additional buffer overflows in libXfont, discovered by iDefense and David Dawes. No CVE assignment has been provided yet. - Built 4.3.0-52 with target build_yarrow for Fedora Core 1 erratum - Built 4.3.0-52.EL with target build_taroon for Red Hat Enterprise Linux 3 erratum - Built 4.3.0-2.90.52 with target build_shrike for Red Hat Linux 9 erratum * Tue Feb 10 2004 Mike A. Harris 4.3.0-51 - Added XFree86-4.3.0-security-dirname-CAN-2004-0083-CAN-2004-0084-keithp.patch alternative patch written by KeithPackard, to fix CAN-2004-0083 and CAN-2004-0084 security issues - Added XFree86-4.3.0-security-fonts-alias-dirname-CAN-2004-0084.patch to the package, but disabled for now while we test the above patch from Keith Packard which addresses both security issues. - Built 4.3.0-51 with target build_yarrow for Fedora Core 1 erratum - Built 4.3.0-51.EL with target build_taroon for Red Hat Enterprise Linux 3 erratum - Built 4.3.0-2.90.51 with target build_shrike for Red Hat Linux 9 erratum * Mon Feb 09 2004 Mike A. Harris 4.3.0-50 - Fix issues detected in QA testing - Built 4.3.0-50 with target build_yarrow for Fedora Core 1 erratum - Built 4.3.0-50.EL with target build_taroon for Red Hat Enterprise Linux 3 erratum - Built 4.3.0-2.90.50 with target build_shrike for Red Hat Linux 9 erratum * Wed Feb 04 2004 Mike A. Harris 4.3.0-2.90.49 - Built 4.3.0-2.90.49 with target build_shrike for Red Hat Linux 9 erratum - Split {_x11datadir}/X11/etc/* glob previously wrapped using with_Xserver into a with_xterm portion and with_Xterm portion with the dir being always included, in order to work around obscure build failure on s390 on RHL 9. Yes this is an insane problem to have to fix because we do not ship an RHL 9 s390 product and never will. But we seek perfection however, and who knows, maybe next week we will release a Red Hat Linux 9 port to s390 for consumer desktops or something. - Rename with_included_xterm macro to with_xterm for naming consistency with other options, as it threw me off. * Wed Feb 04 2004 Mike A. Harris 4.3.0-49.EL - Built 4.3.0-49.EL with target build_taroon for Red Hat Enterprise Linux 3 erratum * Wed Feb 04 2004 Mike A. Harris 4.3.0-49 - Added XFree86-4.3.0-security-fonts-alias-dirname-CAN-2004-0083.patch to fix security issue in core fonts backend reported by iDefense in CAN-2004-0083 - Added build_maintainer_mode distribution version autodetection to simplify local build testing procedures, added dist_ver macro, dist_test parameterized macro (to keep jbjon his toes), and updated build_xxxx target autoconfig when build_auto_mode is enabled. This only affects local builds, not any Red Hat builds. - Enabled radeon-agp-detection-using-capability-list-walk patch on all builds, which was inadvertently left off on some due to misplaced macro conditional - Built 4.3.0-49 with target build_yarrow for Fedora Core 1 erratum * Sun Feb 01 2004 Mike A. Harris 4.3.0-45.0.2.EL.test - Rebuilt with build_taroon for RHEL 3 testing * Sat Jan 31 2004 Mike A. Harris 4.3.0-45.0.2 - Added XFree86-4.3.0-Xserver-dix-xkb-key-repeating-bug-CVS-backport.patch to fix a bug in DIX when xkb is being used that causes keys to repeat spuriously on some hardware under certain system loads. This patch has been backported from the 4.3.0-48 developmental head package. (#76959,114635) - Added XFree86-4.3.0-XRes-IncludeSharedObjectInNormalLib.patch to make libXRes get built PIC for bug (#114292) - Updated XFree86-4.3.0-missing-lib-sharedreqs.patch to remove dependancy on libXt caused by improper dependancy listing in SharedXmuuReqs (#113336) * Thu Jan 29 2004 Mike A. Harris 4.3.0-45.0.1.EL.test - Build test release for RHEL3 U2 testing * Wed Jan 28 2004 Mike A. Harris 4.3.0-45.0.1 - Temporary fork of 4.3.0-45 to add some patches for test builds, until post 4.3.0-45 (4.3.0-46 through 4.3.0-50) local-work-in-progress stuff is in clean enough shape for tree inclusion - Added XFree86-4.3.0-fixes-for-freetype-2.1.7-v2.patch so that XFree86 will build properly against freetype 2.1.7 (#114343) * Sun Nov 30 2003 Mike A. Harris 4.3.0-45 - Implemented new AGP/PCI autodetection in the Radeon driver by examining PCI configuration space and walking the PCI extended capabilities list in order to determine if the device implements the AGP capability. This code should work on _any_ AGP/PCI hardware generically and should be factored out into generic X server code in future XFree86 releases so all drivers can benefit from it. XFree86-4.3.0-radeon-agp-detection-using-capability-list-walk.patch should fix all Radeon PCI/AGP autodetection bugs, including (#111191). Some AGP Radeon users may experience a performance boost with this new driver if their card was misdetected and treated as PCI before, as pcigart mode works on AGP hardware, but is slower than using AGP. - Fixed build_rawhide to work the same as build_yarrow everywhere since the two are functionally identical for the time being. * Wed Nov 26 2003 Mike A. Harris 4.3.0-44.EL - Rebuilt 4.3.0-44 as 4.3.0-44.EL for RHEL3 QU1 update * Wed Nov 26 2003 Mike A. Harris 4.3.0-44 - Added XFree86-4.3.0-libfontenc-IncludeSharedObjectInNormalLib.patch to fix KDE build problem on AMD64 which links to the static libfontenc library and fails because it wasn't compiled with -fPIC, reported in bug (#111058) - Enable the open source vmware_drv.o video driver that ships with XFree86 on all builds now, to supply this driver as-is to users as a convenience although it is still unsupported by Red Hat. Users encountering video or other X related problems with this driver, need to report their problems directly to XFree86.org, or to VMware Inc. - Rebuild in rawhide for FC2 development * Fri Nov 14 2003 Mike A. Harris 4.3.0-43.1 - Added XFree86-4.3.0-nv-riva-videomem-autodetection-debugging.patch to be able to debug Riva TNT memory autodetection problems in the future (#109459) - Added new build_rawhide flag to wrap experimental changes and test patches with for Rawhide builds - Rename rpm macro from tlssubdir to _tlsdir, and enforce it's usage everywhere in the spec file * Mon Nov 03 2003 Mike A. Harris 4.3.0-2.90.43 - Rebuild 4.3.0-43 for Red Hat Linux 9 erratum with build_shrike set * Mon Nov 03 2003 Mike A. Harris 4.3.0-43 - Updated to XFree86-4.3.0-xf-4_3-branch-2003-11-03.patch to pick up latest fixes in the XFree86 4.3.x stable branch including: - Fix for crash on ia64 because of wrong setjmp buffer alignment (John Dennis) - Close freetypefontfile filehandle in mkfontscale, this prevents problems from limitation of simultaniously open files - Fixed erronous freeing of DisplayModeRec in xf86DeleteMode() when deleting the modePool in xf86PruneDriverModes() the 'prev' member has a different meaning for modePool modes than for ScrnInfoPtr-> modes modes where it creates a doubly linked list - Fix some i830+ VT switch/exit crashes - Fix DRM_CAS on ia64 as used by the DRI (Bugzilla #778, John Dennis). - Removed XFree86-4.3.0-Xlib-XIM-bugfix-from-XFree86-bugzilla.patch, XFree86-4.3.0-ia64-setjmp-alignment.patch - Updated XFree86-4.3.0-ia64-drm-locking.patch as part of it is in the stable branch patch now. - Updated some spec file comments, and other mostly cosmetic changes. - Fixed some mistakes in spec file changelog dates. * Wed Oct 29 2003 Mike A. Harris 4.3.0-42.2 - Enable new Radeon support patches for shrike builds also to support newer Radeon hardware, so future erratum picks up these enhancements. - Backport XFree86-4.3.0-RandR-refresh-rate-rounding-error-fix-from-CVSHEAD.patch from CVS HEAD in order to fix bug (#108008) - Added XFree86-4.3.0-vidmode-SEGV-fix-from-CVS-HEAD.patch, backported from CVS HEAD to fix a SEGV in the vidmode extension (#101276) - Renamed build_cambridge target to build_yarrow to indicate the change from project name to final product name. - Added XFree86-4.3.0-rendition-complete-driver-backport-CVS20031031.patch which is a backport of the rendition driver from CVS head, including a couple bug fixes and the rest of changes are cosmetic. (#108693) - Disabled XFree86-4.3.0-rendition-disable-cause-of-SEGV.patch which should now be obsolete from above rendition driver backport. * Fri Oct 24 2003 Mike A. Harris 4.3.0-42 - This release is the long awaited answer to the meaning of life, the universe and everything. - Added XFree86-4.3.0-redhat-exec-shield-GNU-stack.patch to make the complete XFree86 build including Mesa et al. exec-shield friendly (arjanv, mharris) - Updated tonew XFree86-4.3.0-Mesa-SSE-fixes-from-MesaCVS-v2.patch which should fix compatibility problems between DRI and 2.6.x kernels which were caused by the previous version of this patch. Linus reported the fix for this with details of the problem, and explanation of the solution, which I extracted out of CVS (#107932,106566,107829) --------------------------------------------------------------------- This update can be downloaded from: 46d4fad36fa397d351705442806a55f8 SRPMS/XFree86-4.3.0-55.src.rpm eaa18d075933f605fb6c19a9b180ec1c i386/XFree86-4.3.0-55.i386.rpm daacc9c8fe9b6c9f5f5771a8b0cf87bc i386/XFree86-devel-4.3.0-55.i386.rpm 569907746b3a7d477f787dbe73401fd7 i386/XFree86-font-utils-4.3.0-55.i386.rpm 8e8f3b42277228aa45f0c872c3a65b8d i386/XFree86-xfs-4.3.0-55.i386.rpm 26ee40c0d60377f5ce1b8194c5466d4a i386/XFree86-twm-4.3.0-55.i386.rpm e7e81b18626ae9a344e5574174420e32 i386/XFree86-xdm-4.3.0-55.i386.rpm 27789e66d96649e7e8bf62a307f5e68d i386/XFree86-libs-4.3.0-55.i386.rpm b430abfefec36784e994ed5bf83d3ad9 i386/XFree86-libs-data-4.3.0-55.i386.rpm 46cf2ad73245f4ac966b7454bd310d88 i386/XFree86-base-fonts-4.3.0-55.i386.rpm 52b542cad1b247baadcea05e2e1c91dd i386/XFree86-truetype-fonts-4.3.0-55.i386.rpm fb9cc6191cb98dd93ef6ec71a167fb7e i386/XFree86-syriac-fonts-4.3.0-55.i386.rpm fb2926cae361d65cf6c78a7ca7ce88d8 i386/XFree86-75dpi-fonts-4.3.0-55.i386.rpm f0415822893f04c481ebfc473ffdff22 i386/XFree86-100dpi-fonts-4.3.0-55.i386.rpm efde62414088faf5789179176e6911e1 i386/XFree86-ISO8859-2-75dpi-fonts-4.3.0-55.i386.rpm 0cc9300e3c46d2d0346af3c2d0664834 i386/XFree86-ISO8859-2-100dpi-fonts-4.3.0-55.i386.rpm 8c6f63975595f1bbb3f5404322230c5a i386/XFree86-ISO8859-9-75dpi-fonts-4.3.0-55.i386.rpm 06cf300fb6b9c8c6eed3092d0ad1d3bb i386/XFree86-ISO8859-9-100dpi-fonts-4.3.0-55.i386.rpm 52c0f8f22e413279afee17df2ae2bb78 i386/XFree86-ISO8859-14-75dpi-fonts-4.3.0-55.i386.rpm b24b694caeee5c983cacbfc6937fce49 i386/XFree86-ISO8859-14-100dpi-fonts-4.3.0-55.i386.rpm 27e52ae1bb82fa59f9a1ae6c331bcce9 i386/XFree86-ISO8859-15-75dpi-fonts-4.3.0-55.i386.rpm d6d91aa0756c9519bfe6de3ad6af3809 i386/XFree86-ISO8859-15-100dpi-fonts-4.3.0-55.i386.rpm e071fc5a16476dbf7d9c321ec088a384 i386/XFree86-cyrillic-fonts-4.3.0-55.i386.rpm 6cb9ea90c43132853e8809aaff48a267 i386/XFree86-doc-4.3.0-55.i386.rpm 700d174f88e364cefe89bf5dcaf93033 i386/XFree86-Xnest-4.3.0-55.i386.rpm 1d81c120f7775261ee76b4ecd521485d i386/XFree86-Xvfb-4.3.0-55.i386.rpm 22718bdd290a8c7b86e12a7924531e55 i386/XFree86-tools-4.3.0-55.i386.rpm d4cbd6bd883f061d091458ce02a3f487 i386/XFree86-xauth-4.3.0-55.i386.rpm 6477ce536f8d084b48ae7aa9cf30c5c0 i386/XFree86-Mesa-libGL-4.3.0-55.i386.rpm 949ea216b0666dc971cd369661a49ec8 i386/XFree86-Mesa-libGLU-4.3.0-55.i386.rpm 89e0f5723f835b75dd265d8e7f40ab1e i386/XFree86-sdk-4.3.0-55.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- fedora-announce-list mailing list
Feb 18, 2004
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!