Author: branden
Date: 2003-07-03 01:41:03 -0500 (Thu, 03 Jul 2003)
New Revision: 279
Modified:
branches/4.3.0/sid/debian/changelog
Log:
debian/changelog: merge in 4.2.1-9 changelog entry from trunk
Modified: branches/4.3.0/sid/debian/changelog
==============================================================================
--- branches/4.3.0/sid/debian/changelog 2003-07-02 23:07:39 UTC (rev 278)
+++ branches/4.3.0/sid/debian/changelog 2003-07-03 06:41:03 UTC (rev 279)
@@ -53,9 +53,6 @@
* fix weak deps (many on X11/Xext in xlibs):
- patch #063: new (Closes: #187374)
- * fix deadlock problems in Xi (XINPUT) library when threads enabled
- - patch #064: new (Closes: #191463)
-
* xlibs-pic package renamed to xlibs-static-pic
- reintegrate piclib_support.diff (previously patch #046, now patch #909)
@@ -80,6 +77,50 @@
-- Branden Robinson <[EMAIL PROTECTED]> Thu, 26 Jun 2003 10:14:27 -0500
+xfree86 (4.2.1-9) unstable; urgency=high
+
+ * urgency due to xterm security fixes; see below
+
+ * patch #001b: remove special-case logic in linux.cf that defined
+ "HasLinuxInput" to "NO" for Mc68020Architecture; m68k is now supported by
+ the Linux 2.4.20 kernel (at least in Debian), so we let this symbol be
+ defined to "YES" just like all the other architectures. This only really
+ affects the Wacom input driver and should not cause any regressions.
+ (thanks to James Troup for pointing out this no-longer-needed conditional)
+
+ * build and ship more static-PIC versions of libraries; Xau (for xcb) and
+ xf86misc (for xfce4)
+ - patch #046: updated
+ - debian/{MANIFEST,xlibs-pic.install}.*: add libXau_pic.a,
+ libXxf86misc_pic.a
+ - debian/control: update xlibs-pic's extended description
+
+ * patch #093: new; SECURITY: disable window title reporting to work around
+ potentially malicious text being spewed to terminal window
+ <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0063>
+
+ * patch #094: new; SECURITY: fix for xterm DoS attack; malformed DEC UDK
+ escape sequences can lock the terminal window
+ <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0071>
+
+ * patch #095: new; fix hangs when threaded apps use XInput library
+ (Closes: #191463)
+
+ * debian/control: move xlibs-pic from section devel to section libdevel
+ (syncrhonize with Debian archive override file)
+ * debian/rules: replace presently-useless $(DEBUGFLAGS) variable in
+ $(SERVERDEBUG_IMAKE_DEFINES) with -DDefaultGcc2OptimizeOpt=-O0 to turn off
+ optimiziation when compiling the debugging XFree86 X server
+ * debian/xserver-xfree86.install.arm: get this file up to date:
+ - stop shipping things that aren't built for this arch: imstt_drv, libafb,
+ imstt manpage
+ - start shipping more things that are built for this arch: nv_drv, s3_drv,
+ calcomp_drv, dmc_drv, hyperpen_drv, penmount_drv, dmc manpage, nv
+ manpage, penmount manpage
+ - tdfx driver name corrected to tdfx_drv
+
+ -- Branden Robinson <[EMAIL PROTECTED]> Thu, 26 Jun 2003 14:28:34 -0500
+
xfree86 (4.2.1-8) unstable; urgency=high
* the "you're damn right I'm bitter" release
