pkgsrc.se | The NetBSD package collection

./x11/libXpm, X PixMap Library from modular Xorg X11

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ]

Branch: CURRENT, Version: 3.5.19, Package name: libXpm-3.5.19, Maintainer: pkgsrc-users

XPM (X PixMap) is a format for storing and retrieving X pixmaps
to and from files.

This libXpm is from the modular Xorg X11.

This package includes the cxpm(1) tool for checking XPM files
and the sxpm(1) tool for viewing and conversions of XPM files.

Required to build:
[pkgtools/x11-links] [pkgtools/cwrappers] [x11/xorgproto]

Master sites:

Filesize: 457.41 KB

Version history: (Expand)

(2026-04-21) Updated to version: libXpm-3.5.19
(2026-01-26) Updated to version: libXpm-3.5.18
(2025-10-24) Package has been reborn
(2025-10-24) Package deleted from pkgsrc
(2025-07-15) Package has been reborn
(2025-07-15) Package deleted from pkgsrc

CVS history: (Expand)

2026-04-21 15:41:32 by Thomas Klausner | Files touched by this commit (2) | Package updated

Log message:
libXpm: update to 3.5.19.

Olivier Fourdan (2):
      Fix CVE-2026-4367: Out-of-bounds read in xpmNextWord()
      libXpm 3.5.19

2026-01-26 01:17:33 by Thomas Klausner | Files touched by this commit (2) | Package updated

Log message:
libXpm: update to 3.5.18.

Alan Coopersmith (15):
      Remove outdated ifdef checks for including stdint.h
      unifdef sequent
      unifdef VAX11C
      Remove ancient Amiga support
      Remove ancient port to 16-bit Windows without X11 libraries
      Remove xpmstrcasecmp fallback for strcasecmp
      Remove xpmstrdup fallback for strdup
      Use _stricmp() instead of strcasecmp() on Windows
      man pages: make indentation arguments to .IP be numeric
      man pages: ensure .BR macro has multiple arguments
      man pages: remove .PP after .SH or .SS lines
      man pages: adjust line breaks in source files
      Strip trailing whitespace from source files
      gitlab CI: drop the ci-fairy check-mr job
      libXpm 3.5.18

Bjarni Ingi Gislason (1):
      XpmCreateBuffer.3: editorial changes for this man page [Debian bug #1102886]

Peter Harris (1):
      Fix build with current Windows headers

Zayd Rajab (1):
      tests: poll for stable compressed output

2023-10-03 22:28:15 by Thomas Klausner | Files touched by this commit (2) | Package updated

Log message:
libXpm: update to 3.5.17.

This release contains fixes for the issues reported in today's security
advisory: https://lists.x.org/archives/xorg-announce/2023-October/003424.html

Alan Coopersmith (10):
      Set close-on-exec when opening files
      test: use g_pattern_spec_match_string if available
      Explicitly mark non-static symbols as export or hidden
      Fix CVE-2023-43788: Out of bounds read in XpmCreateXpmImageFromBuffer
      test: Add test case for CVE-2023-43789 (corrupt colormap info)
      Fix CVE-2023-43789: Out of bounds read on XPM with corrupted colormap
      test: Add test case for CVE-2023-43786 (stack exhaustion in PutImage)
      Avoid CVE-2023-43786: stack exhaustion in XPutImage()
      test: Add test case for CVE-2023-43787 (integer overflow in XCreateImage)
      libXpm 3.5.17

Yair Mizrahi (1):
      Avoid CVE-2023-43787 (integer overflow in XCreateImage)

2023-04-17 23:09:49 by Thomas Klausner | Files touched by this commit (3) | Package updated

Log message:
libXpm: update to 3.5.16.

Alan Coopersmith (11):
      test: skip compressed file tests when --disable-open-zfile is used
      gitlab CI: build with each of --enable-open-zfile & --disable-open-zfile
      configure: correct error message to suggest --disable-open-zfile
      open-zfile: Make compress & uncompress commands optional
      Require LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
      XpmCreateDataFromXpmImage: Fix misleading indentation
      parse.c: Wrap FREE_CIDX definition in do { ... } while(0)
      parse.c: remove unused function xstrlcpy()
      test: Use PACKAGE_BUGREPORT instead of hard-coded URL's
      test: Add simple test cases for functions in src/rgb.c
      xpmReadRgbNames: constify filename argument

Matt Turner (1):
      libXpm 3.5.16

Peter Hutterer (1):
      Fix a memleak in ParsePixels error code path

2023-03-02 08:52:30 by Tobias Nygren | Files touched by this commit (1)

Log message:
libXpm: wire down path to uncompress(1) as well

2023-02-10 10:07:22 by Tobias Nygren | Files touched by this commit (1)

Log message:
libXpm: fix build on Linux

2023-01-23 09:30:02 by Adam Ciarcinski | Files touched by this commit (1)

Log message:
libXpm: Explicitly define path to gzip

2023-01-17 19:42:39 by Thomas Klausner | Files touched by this commit (3) | Package updated

Log message:
libXpm: update to 3.5.15.

This release contains fixes for the issues reported in today's security
advisory: https://lists.x.org/archives/xorg-announce/2023-January/003312.html

It also adds a new configure option --disable-open-zfile that makes it easy
for people building libXpm to completely disable the code to fork compression
and uncompression programs if they do not have a need for it in their use case.
The README.md file has been updated to document both of the configure options
to control the optional compression handling features.

Alan Coopersmith (12):
      man pages: Fix typos and other minor editing
      man pages: Replace "See Also" entries with more useful ones
      man pages: Apply standard man page style/formatting
      configure: add --disable-open-zfile instead of requiring -DNO_ZPIPE
      test: Add unit tests using glib framework
      cxpm: getc/ungetc wrappers should not adjust position when c == EOF
      test: add test case for CVE-2022-46285 (unclosed comments)
      Fix CVE-2022-46285: Infinite loop on unclosed comments
      test: add test cases for CVE-2022-44617 (zero-width w/enormous height)
      Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height
      Fix CVE-2022-4883: compression commands depend on $PATH
      libXpm 3.5.15

Matthieu Herrb (1):
      Prevent a double free in the error code path

Peter Hutterer (1):
      Use gzip -d instead of gunzip