File libXi.changes of Package libXi.3538

Wed Oct  5 12:16:15 UTC 2016 -

- U_Properly-validate-server-responses.patch
  * insufficient validation of data from the X server can cause out
    of boundary memory access or endless loops (Denial of Service).
    (bnc#1002998, CVE-2016-7945, CVE-2016-7946)

Tue Aug  4 16:00:01 UTC 2015 -

- U_Fix-version-check-in-_XIAllowEvents.patch
  Adding more fixes from upstream. Most of these issues where discovered
  and fixed by Michal Srb <> (bnc#940529).

Tue Aug  4 14:40:40 UTC 2015 -

- U_Advance-the-request-buffer-by-the-right-amount-in-XIChangeHierarchy.patch
  Fix handling of request elements for the XIChangeHierarchy(XIAddMaster) 
  request (bnc#940529).

Tue Aug  4 14:23:35 UTC 2015 -

- Update to bug fix release 1.7.4
  This release contains the following bug fixes:
  man: Update XIQueryVersion docs to match new version compatibility semantics
       update documentation.
  Remove fallback for _XEatDataWords, require libX11 1.6 for it
       This fallback was once introduced to overcome issues with older versions
       of libX11. The version shipped with SLE12 has always been current enough.
  XIPassiveGrab: Fix display locking inside _XIPassiveGrabDevice for error paths
  XIPassiveGrab: Fix completely broken locking in XIGrabTouchBegin
  Fix locking bugs with XIAllowTouchEvents() and XIUngrabTouchBegin().
  Besides these there are no other fixes.
  The locking fixes are needed for SLE-12-SP1 (FATE#319306, bnc#940529).

Fri Oct 31 11:35:50 UTC 2014 -

- U_Fix-double-unlock-when-_XiCheckExtInit-return-1.patch
  Fix double unlock when connecting X server with XInputExtension version
  lower than 2.0. (bnc#883553)

Wed Jul  3 23:20:44 UTC 2013 -

- Update to version 1.7.2:
  Only one minor change since the RC. Again, this release contains the fixes
  for CVE-2013-1998, CVE-2013-1984 and CVE-2013-1995 so you're encouraged to
  + Remove check that can never be true.
Fri Jun 28 12:32:47 UTC 2013 -

- Update to version
  First and likely only RC for libXi 1.7.2. This one has a bunch of changes
  for CVE-2013-1998, CVE-2013-1984 and CVE-2013-1995. These relate to various
  integer overflows and other corruption that happens if we trust the server
  a bit too much on the data we're being sent.
  On top of those fixes, the sequence number in XI2 events is now set
  propertly too (#64687).

Fri Apr  5 13:51:01 UTC 2013 -

- Update to version 1.7.1:
  Only a single fix: including the XFixes header to get the typedef for
  PointerBarrier. Naturally, this adds a pkgconfig build-time dependency on
  Why? The header shipped with 1.7 typedef'd PointerBarrier. If you #include
  both XI and Xfixes headers, you will end up with a duplicate typedef.
  This is not an issue on gcc >= 4.6 since the two typedef's are the same.
  On earlier versions this will trigger an error. gcc 4.6 -pedantic-errors
  will trigger the same error.

Tue Mar 19 18:19:37 UTC 2013 -

- Use more robust make install call
- Avoid calling fdupes outside of /usr

Thu Mar  7 01:35:11 UTC 2013 -

- Update to version 1.7:
  The feature added in this revision is pointer barrier events and releases.
  Pointer barriers themselves are an XFixes 5 feature, XI 2.3 adds two
  disctinct features to barriers:
  + the ability for clients to get notified if pointer movement is restricted
    by a barrier
  + the ability for clients to allow a pointer to move through a barrier
    after it was constrained by the barrier
  For a more verbose explanation of these features please refer to:

Wed May  9 08:43:58 UTC 2012 -

- Update to version 1.6.1:
  + Major bugs fixed:
    - wrong button and mask copy
    - raw event sourceid is now set
  + Small cleanups and bug fixes.

Wed Apr 11 17:03:20 UTC 2012 -

- Update to version 1.6.0:
  + Implement XI 2.2 (which provides multitouch)
  + Various cleanups and bug fixes
- Changes from version 1.5.0:
  + Implement XI 2.1 (which provides smooth scrolling)
  + Various cleanups and bug fixes
  + Man page improvements
- Changes from version 1.4.2:
  + Various cleanups and bug fixes
  + Build configuration improvements
- Changes from version 1.4.1:
  + Important fixes for bugs that cause clients to misbehave.

Sun Feb 12 02:09:10 UTC 2012 -

- Update homepage URL and set a minimal package description
  (found one in tarball announcement mails)

Fri Feb 10 15:56:36 UTC 2012 -

- improved -devel provides/obsoletes for openSUSE 12.2

Fri Feb 10 14:20:33 UTC 2012 -

- added provides/obsoletes for old libXi6-devel package 

Thu Feb  9 16:44:18 UTC 2012 -

- Rename SRPM from libXi6 to libXi (no Obsoletes needed for BRPMs)

Sun Feb  5 01:37:10 UTC 2012 -

- Remove apparently unused (Build)Requires on Xau, Xdmcp, xtrans
- Add required runtime dependency on libXext-devel
  (XInput2.h uses libXext-devel:Xge.h)
- Use pkgconfig() symbols to pull in BuildRequires
- Remove redundant tags/sections like %clean
- Parallel build with %_smp_mflags

Wed Nov  3 04:46:01 UTC 2010 -

- update to release 1.4.0
  * This version doesn't add new features but has seen numerous
    packaging cleanups and a number of miscellaneous fixes.

Sat Sep  4 16:21:10 UTC 2010 -

- update to release 1.3.1
  A few minor build system cleanups but I've cherry-picked only
  those that didn't require a macros update for this version. The
  requirements are thus the same as for 1.3.0.
  A couple of random other fixes, most notably two display lock
  fixes. The other fix that's quite prominent is the
  initialization of the extension with a server-specific number of
  events. Previously, libXi 1.3 running against a non-XI2 enabled
  server would result in mishandling of events (pending extension
  initialization order).
- update to release 1.3.2
  Brown paper bag release. Just one commit, fixing up a erroneous
  conflict resolution that resulted in an inverted condition for
  the asciidoc/xmlto checks and an error when building man pages.

Fri Apr  2 17:28:57 CEST 2010 -

- use real version number instead of the one from X.Org 

Sat Jan 16 05:11:17 CET 2010 -

- created package
openSUSE Build Service is sponsored by