If those dates are correct, then it'd appear that xrender was /not/ built against the fixed libx11, meaning it doesn't really include the CVE-2013-7439 fix.
-- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

