libXpm4-32bit-3.5.18-1.2 RPM for x86_64

From OpenSuSE Tumbleweed for x86_64

libXpm facilitates working with XPM (X PixMap), a format for
storing/retrieving X pixmaps to/from files.

Provides

• libXpm4-32bit
• libXpm.so.4
• libXpm4-32bit(x86-64)
• xorg-x11-libXpm-32bit

Requires

• /bin/sh
• libX11.so.6
• libc.so.6
• libc.so.6(GLIBC_2.0)
• libc.so.6(GLIBC_2.1)
• libc.so.6(GLIBC_2.1.3)
• libc.so.6(GLIBC_2.3)
• libc.so.6(GLIBC_2.3.4)
• libc.so.6(GLIBC_2.33)
• libc.so.6(GLIBC_2.34)
• libc.so.6(GLIBC_2.38)
• libc.so.6(GLIBC_2.4)
• libc.so.6(GLIBC_2.7)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1

License

MIT

Changelog

* Mon Jan 26 2026 Stefan Dirsch <sndirsch@suse.com>
  - Update to 3.5.18
    * Remove outdated ifdef checks for including stdint.h
    * unifdef sequent
    * unifdef VAX11C
    * Remove ancient Amiga support
    * Remove ancient port to 16-bit Windows without X11 libraries
    * Remove xpmstrcasecmp fallback for strcasecmp
    * Remove xpmstrdup fallback for strdup
    * Use _stricmp() instead of strcasecmp() on Windows
    * man pages: make indentation arguments to .IP be numeric
    * man pages: ensure .BR macro has multiple arguments
    * man pages: remove .PP after .SH or .SS lines
    * man pages: adjust line breaks in source files
    * Strip trailing whitespace from source files
    * gitlab CI: drop the ci-fairy check-mr job
    * XpmCreateBuffer.3: editorial changes for this man page [Debian bug #1102886]
    * Fix build with current Windows headers
    * tests: poll for stable compressed output
* Fri Apr 04 2025 Stefan Dirsch <sndirsch@suse.com>
  - adding COPYING file to filelist (bsc#1240836)
* Tue Oct 03 2023 Stefan Dirsch <sndirsch@suse.com>
  - Update to 3.5.17
    * This release contains fixes for the libXpm issues reported in
      security advisory here:
      https://lists.x.org/archives/xorg-announce/2023-October/003424.html
    * fixes CVE-2023-43788 libXpm: out of bounds read in
      XpmCreateXpmImageFromBuffer() (boo#1215686)
    * fixes CVE-2023-43789 libXpm: out of bounds read on XPM with
      corrupted colormap (boo#1215687)
* Tue Apr 18 2023 Stefan Dirsch <sndirsch@suse.com>
  - update to 3.5.16:
    * test: skip compressed file tests when --disable-open-zfile is used
    * gitlab CI: build with each of --enable-open-zfile & --disable-open-zfile
    * configure: correct error message to suggest --disable-open-zfile
    * open-zfile: Make compress & uncompress commands optional
    * Require LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
    * XpmCreateDataFromXpmImage: Fix misleading indentation
    * parse.c: Wrap FREE_CIDX definition in do { ... } while(0)
    * parse.c: remove unused function xstrlcpy()
    * test: Use PACKAGE_BUGREPORT instead of hard-coded URL's
    * test: Add simple test cases for functions in src/rgb.c
    * xpmReadRgbNames: constify filename argument
    * Fix a memleak in ParsePixels error code path
* Thu Apr 13 2023 Stefan Dirsch <sndirsch@suse.com>
  - with switching to suggests making use of (n)compress no longer
    needs to be limited to openSUSE
* Thu Apr 13 2023 Stefan Dirsch <sndirsch@suse.com>
  - suggests instead of require compress (see changelog below)
* Wed Apr 12 2023 Stefan Dirsch <sndirsch@suse.com>
  - require compress (ncompress package) on openSUSE; it's not
    supported on SLE
* Wed Apr 12 2023 Fabian Vogt <fvogt@suse.com>
  - Drop n_no-compress-on-sle.patch and set XPM_PATH_COMPRESS instead
    (xpmPipeThrough function returns NULL when the command is not
    available; so same result as with the patch applied; that the
    child process for executing 'compress' returns with exit(1)
    doesn't matter much; it might even be useful to see the error
    message ...)
* Wed Apr 12 2023 Stefan Dirsch <sndirsch@suse.com>
  - Depend also on /usr/bin/uncompress, not only /usr/bin/gzip;
    Requiring binaries instead of packages resolves the file
    conflict with busybox-gzip, which is used when building nginx
    opensuse images; dep chain was: nginx -> libdg3 -> libXpm4 -> gzip
    ==> conflict with busybox-gzip
* Tue Apr 11 2023 Fabian Vogt <fvogt@suse.com>
  - Depend on /usr/bin/gzip, not gzip
* Mon Apr 03 2023 Stefan Dirsch <sndirsch@suse.com>
  - n_no-compress-on-sle.patch
    * we can't handle .Z files, since we don't have ncompress package
      on SLE; so disable this feature as before (bsc#1207031)
  - BuildRequires
    * removed again ncompress
    * added again autoconf, automake, libtool
  - run again autoreconf due to patch above
* Mon Apr 03 2023 Dirk Müller <dmueller@suse.com>
  - update to 3.5.15:
    * Use gzip -d instead of gunzip
    * Prevent a double free in the error code path
    * Fix CVE-2022-4883: compression commands depend on $PATH
    * Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height
    * test: add test cases for CVE-2022-44617 (zero-width w/enormous height)
    * Fix CVE-2022-46285: Infinite loop on unclosed comments
    * test: add test case for CVE-2022-46285 (unclosed comments)
    * cxpm: getc/ungetc wrappers should not adjust position when c == EOF
    * test: Add unit tests using glib framework
    * configure: add --disable-open-zfile instead of requiring -DNO_ZPIPE
    * man pages: Apply standard man page style/formatting
    * man pages: Replace "See Also" entries with more useful ones
    * man pages: Fix typos and other minor editing
  - drop U_0001-configure-add-disable-open-zfile-instead-of-requirin.patch,
      U_0002-Fix-CVE-2022-46285-Infinite-loop-on-unclosed-comment.patch,
      U_0004-Fix-CVE-2022-44617-Runaway-loop-with-width-of-0-and-.patch,
      U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch,
      U_regression-bug1207029_1207030_1207031.patch
      U_regression2-bug1207029_1207030_1207031.patch: upstream
  - switch urls to https
  - spec file cleanups
  - add gpg keyring validation
* Wed Jan 11 2023 Stefan Dirsch <sndirsch@suse.com>
  - U_0001-configure-add-disable-open-zfile-instead-of-requirin.patch
    * needed by U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch
  - U_0002-Fix-CVE-2022-46285-Infinite-loop-on-unclosed-comment.patch
    * libXpm: Infinite loop on unclosed comments (CVE-2022-46285,
      bsc#1207029)
  - U_0004-Fix-CVE-2022-44617-Runaway-loop-with-width-of-0-and-.patch
    * libXpm: Runaway loop on width of 0 and enormous height
      (CVE-2022-44617, bsc#1207030)
  - U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch
    * libXpm: compression commands depend on $PATH (CVE-2022-4883,
      bsc#1207031)
  - U_regression-bug1207029_1207030_1207031.patch
    * regression fix for above patches
  - U_regression2-bug1207029_1207030_1207031.patch
    * second regression fix: Use gzip -d instead of gunzip

Files

/usr/lib/libXpm.so.4
/usr/lib/libXpm.so.4.11.0

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Apr 21 22:32:08 2026