---
- branch: MAIN
  date: Sun Jun 23 18:35:53 UTC 2013
  files:
  - new: '1.12'
    old: '1.11'
    path: pkgsrc/x11/libXv/Makefile
    pathrev: pkgsrc/x11/libXv/Makefile@1.12
    type: modified
  - new: '1.7'
    old: '1.6'
    path: pkgsrc/x11/libXv/distinfo
    pathrev: pkgsrc/x11/libXv/distinfo@1.7
    type: modified
  id: 20130623T183553Z.8e7304cb56e99661c7495b9711affc3349ceb1be
  log: |
    Update to 1.0.9:

    This quick fix release corrects an issue with the security fix from 1.0.8,
    in which, if the size checks did determine the response from the X server
    was too large to fit in the buffer it had allocated, XvQueryPortAttributes
    could return a pointer to the caller that pointed to uninitialized memory
    where the caller expected a nil-terminated string.

    Alan Coopersmith (2):
          XvQueryPortAttributes: add a comment explaining memory strategy
          libXv 1.0.9

    Daphne Pfister (1):
          Bug 65252: Ensure final name is nil-terminated & none point to uninitialized memory.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/x11/libXv'
  unixtime: '1372012553'
  user: wiz