Daniel et al. - On Mon, May 23, 2005 at 11:32:19AM +1000, Daniel Stone wrote: > > I might play around with option 2. There are two strategies > > that make technical sense: > > Why would you do this when there's already a version upstream that fixes > this? I don't like the idea of having yet another Xpm 'security fix' > variant out there.
OK, so I was slow finding the proper upstream fix. Now that I found it within http://ftp.x.org/pub/X11R6.8.2/patches/X11R6.8.1-to-X11R6.8.2.patch.gz I gave it a quick review (it matches my strategy (a)). So, let me rephrase the question: Has Matej and someone from the Debian X Strike Force reviewed and/or started to test the X11R6.8.2 patch to xc/extras/Xpm/lib/RdFToI.c xc/extras/Xpm/lib/WrFFrI.c and maybe xc/extras/Xpm/lib/XpmI.h ? - Larry
signature.asc
Description: Digital signature
