Accepting request 1329317 from X11:XOrg

- update to 1.2.0
  * This release adds a new XkbRF_FreeVarDefs() API, and brings
    over many fixes from the other copies of XKB code in the
    various X.Org repos.
- supersedes U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch

OBS-URL: https://build.opensuse.org/request/show/1329317
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libxkbfile?expand=0&rev=16

U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch

@@ -1,57 +0,0 @@
-From 98602942c143075ab7464f917e0fc5d31ce28c3f Mon Sep 17 00:00:00 2001
-From: Olivier Fourdan <ofourdan@redhat.com>
-Date: Wed, 27 Nov 2024 14:41:45 +0100
-Subject: [PATCH xserver] xkb: Fix buffer overflow in XkbVModMaskText()
-
-The code in XkbVModMaskText() allocates a fixed sized buffer on the
-stack and copies the virtual mod name.
-
-There's actually two issues in the code that can lead to a buffer
-overflow.
-
-First, the bound check mixes pointers and integers using misplaced
-parenthesis, defeating the bound check.
-
-But even though, if the check fails, the data is still copied, so the
-stack overflow will occur regardless.
-
-Change the logic to skip the copy entirely if the bound check fails.
-
-CVE-2025-26595, ZDI-CAN-25545
-
-This vulnerability was discovered by:
-Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
-
-Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
-Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
----
- src/xkbtext.c | 16 ++++++++--------
- 1 file changed, 8 insertions(+), 8 deletions(-)
-
-Index: libxkbfile-1.1.2/src/xkbtext.c
-===================================================================
---- libxkbfile-1.1.2.orig/src/xkbtext.c
-+++ libxkbfile-1.1.2/src/xkbtext.c
-@@ -176,14 +176,14 @@ XkbVModMaskText(Display *       dpy,
-                 len = strlen(tmp) + 1 + (str == buf ? 0 : 1);
-                 if (format == XkbCFile)
-                     len += 4;
--                if ((str - (buf + len)) <= BUFFER_SIZE) {
--                    if (str != buf) {
--                        if (format == XkbCFile)
--                            *str++ = '|';
--                        else
--                            *str++ = '+';
--                        len--;
--                    }
-+                if ((str - buf) + len > BUFFER_SIZE)
-+                    continue; /* Skip */
-+                if (str != buf) {
-+                    if (format == XkbCFile)
-+                        *str++ = '|';
-+                    else
-+                        *str++ = '+';
-+                    len--;
-                 }
-                 if (format == XkbCFile)
-                     sprintf(str, "%sMask", tmp);

libxkbfile-1.2.0.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7f71884e5faf56fb0e823f3848599cf9b5a9afce51c90982baeb64f635233ebf
+size 57856

libxkbfile.changes

@@ -1,9 +1,36 @@
 -------------------------------------------------------------------
-Sat Feb 22 11:11:57 UTC 2025 - Stefan Dirsch <sndirsch@suse.com>
+Mon Jan 26 13:32:17 UTC 2026 - Stefan Dirsch <sndirsch@suse.com>
+
+- update to 1.2.0
+  * This release adds a new XkbRF_FreeVarDefs() API, and brings
+    over many fixes from the other copies of XKB code in the
+    various X.Org repos.
+- supersedes U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch
+
+-------------------------------------------------------------------
+Tue Feb 25 17:41:52 UTC 2025 - Stefan Dirsch <sndirsch@suse.com>
 
 - U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch 
   * Buffer overflow in XkbVModMaskText() (CVE-2025-26595, bsc#1237429)
 
+-------------------------------------------------------------------
+Mon Feb  5 11:51:49 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
+
+- update to 1.1.3
+  * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
+  * Set close-on-exec when opening files
+  * _XkbMakeAtom: remove check for impossible case
+  * _XkbInitAtoms: check for malloc() failure
+  * XkbChangeAtomDisplay: stop leaking atom name
+  * XkbCFReportError: avoid -Wformat-nonliteral warning
+  * XkbWriteCFile: stop leaking header file ifdef name
+  * DefaultParser: avoid -Wimplicit-fallthrough warnings
+  * xkbtext.c: Add tbGetBufferString helper function
+  * XkbIndentText: Fix -Wsign-compare warning
+  * Fix -Wsign-compare warnings in xkbtext.c & xkmread.c
+  * Add a meson build system
+-  switched to meson build system
+
 -------------------------------------------------------------------
 Thu Dec  8 20:55:13 UTC 2022 - Dirk Müller <dmueller@suse.com>
 

libxkbfile.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package libxkbfile
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2026 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
 
 %define lname	libxkbfile1
 Name:           libxkbfile
-Version:        1.1.2
+Version:        1.2.0
 Release:        0
 Summary:        X11 keyboard file manipulation library
 License:        MIT
@@ -28,10 +28,7 @@ URL:            https://xorg.freedesktop.org/
 #Git-Web:	http://cgit.freedesktop.org/xorg/lib/libxkbfile/
 Source:         http://xorg.freedesktop.org/releases/individual/lib/%{name}-%{version}.tar.xz
 Source1:        baselibs.conf
-Patch1237429:   U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch
-BuildRequires:  autoconf >= 2.60
-BuildRequires:  automake
-BuildRequires:  libtool
+BuildRequires:  meson
 BuildRequires:  pkgconfig
 BuildRequires:  pkgconfig(kbproto)
 BuildRequires:  pkgconfig(x11)
@@ -72,12 +69,11 @@ in %{lname}.
 %autosetup -p1
 
 %build
-%configure --disable-static
-%make_build
+%meson
+%meson_build
 
 %install
-%make_install
-find %{buildroot} -type f -name "*.la" -delete -print
+%meson_install
 
 %post -n %{lname} -p /sbin/ldconfig
 %postun -n %{lname} -p /sbin/ldconfig