Accepting request 894113 from X11:XOrg

- Update to version 1.7.1 * security update for CVE-2021-31535 (bsc#1182506) - supersedes U_CVE-2021-31535.patch - U_CVE-2021-31535.patch * adds missing request length checks in libX11 (CVE-2021-31535, bsc#1182506) OBS-URL: https://build.opensuse.org/request/show/894113 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libX11?expand=0&rev=30
2021-05-20 17:24:44 +00:00 · 2021-05-20 17:24:44 +00:00 · 1a5d011cd9
commit 1a5d011cd9
parent c6129fa4de fb18b7b339
5 changed files with 22 additions and 8 deletions
--- a/libX11-1.7.0.tar.bz2
+++ b/libX11-1.7.0.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:36c8f93b6595437c8cfbc9f08618bcb3041cbd303e140a0013f88e4c2977cb54
-size 2409144
--- a/libX11-1.7.1.tar.bz2
+++ b/libX11-1.7.1.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e64e43deaa562cbfb0d5ada64670ec09c6fac7935262dcd77bbc6d984a535d47
+size 2426509
--- a/libX11.changes
+++ b/libX11.changes
@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Tue May 18 15:57:02 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
+
+- Update to version 1.7.1
+  * security update for CVE-2021-31535 (bsc#1182506)
+- supersedes U_CVE-2021-31535.patch 
+
+-------------------------------------------------------------------
+Mon May 17 09:45:43 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
+
+- U_CVE-2021-31535.patch
+  * adds missing request length checks in libX11 (CVE-2021-31535,
+    bsc#1182506)
+
 -------------------------------------------------------------------
 Sat Nov 21 19:09:11 UTC 2020 - Stefan Dirsch <sndirsch@suse.com>

--- a/libX11.spec
+++ b/libX11.spec
@ -1,7 +1,7 @@
 #
 # spec file for package libX11
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -17,7 +17,7 @@


 Name:           libX11
-Version:        1.7.0
+Version:        1.7.1
 Release:        0
 Summary:        Core X11 protocol client library
 License:        MIT
--- a/p_xlib_skip_ext_env.diff
+++ b/p_xlib_skip_ext_env.diff
@ -2,9 +2,9 @@ Index: src/QuExt.c
 ===================================================================
 --- src/QuExt.c.orig
 +++ src/QuExt.c
-@@ -40,6 +40,20 @@ XQueryExtension(
-     xQueryExtensionReply rep;
-     register xQueryExtensionReq *req;
+@@ -45,6 +45,20 @@ XQueryExtension(
+     if (strlen(name) >= USHRT_MAX)
+         return false;
 
 +    if (name && strlen (name) < 256)
 +    {