Accepting request 886705 from X11:XOrg

- disable build of Xwayland, which is now being built in separate xwayland package with more recent sources (boo#1182677) - Update to version 1.20.11 * bugfix release - supersedes U_Fix-XChangeFeedbackControl-request-underflow.patch, U_xkb-Fix-heap-overflow-caused-by-optimized-away-min.patch - U_Fix-XChangeFeedbackControl-request-underflow.patch * Fix XChangeFeedbackControl() request underflow (CVE-2021-3472, ZDI-CAN-1259, bsc#1180128) OBS-URL: https://build.opensuse.org/request/show/886705 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=391
2021-04-22 16:03:25 +00:00 · 2021-04-22 16:03:25 +00:00 · cd6b0b1685
commit cd6b0b1685
parent 22382b93c8 90b3657e6e
5 changed files with 31 additions and 72 deletions
--- a/U_xkb-Fix-heap-overflow-caused-by-optimized-away-min.patch
+++ b/U_xkb-Fix-heap-overflow-caused-by-optimized-away-min.patch
@ -1,60 +0,0 @@
-Git-commit: ba1e6eaea84b73e6ccd5f73acb93110eadb1a640
-Author: Michal Srb <msrb@suse.com>
-Subject: xkb: Fix heap overflow caused by optimized away min.
-Patch-mainline: Upstream
-References: boo#1099113
-
-Calling strlen on char[4] that does not need to contain '\0' is wrong and X
-server may end up running into invalid memory.
-
-In addition GCC 8 is clever enough that it knows that strlen on char[4] can
-return 0, 1, 2, 3 or cause undefined behavior. With this knowledge it can
-optimize away the min(..., 4). When the undefined behavior happens, any long
-value can be passed as size to the memcpy which will overflow the destination
-buffer.
-
-Fixes: 83913de25d35 (xkb: Silence some compiler warnings)
-Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=86259
---
- xkb/XKBGAlloc.c | 11 +++++------
- 1 file changed, 5 insertions(+), 6 deletions(-)
-
-diff --git a/xkb/XKBGAlloc.c b/xkb/XKBGAlloc.c
-index 8958b0c52..f0cda24fe 100644
--- a/xkb/XKBGAlloc.c
-+++ b/xkb/XKBGAlloc.c
-@@ -588,8 +588,7 @@ XkbAddGeomKeyAlias(XkbGeometryPtr geom, char *aliasStr, char *realStr)
-          i++, alias++) {
-         if (strncmp(alias->alias, aliasStr, XkbKeyNameLength) == 0) {
-             memset(alias->real, 0, XkbKeyNameLength);
-            memcpy(alias->real, realStr,
-                   min(XkbKeyNameLength, strlen(realStr)));
-+            memcpy(alias->real, realStr, strnlen(realStr, XkbKeyNameLength));
-             return alias;
-         }
-     }
-@@ -599,8 +598,8 @@ XkbAddGeomKeyAlias(XkbGeometryPtr geom, char *aliasStr, char *realStr)
-     }
-     alias = &geom->key_aliases[geom->num_key_aliases];
-     memset(alias, 0, sizeof(XkbKeyAliasRec));
-    memcpy(alias->alias, aliasStr, min(XkbKeyNameLength, strlen(aliasStr)));
-    memcpy(alias->real, realStr, min(XkbKeyNameLength, strlen(realStr)));
-+    memcpy(alias->alias, aliasStr, strnlen(aliasStr, XkbKeyNameLength));
-+    memcpy(alias->real, realStr, strnlen(realStr, XkbKeyNameLength));
-     geom->num_key_aliases++;
-     return alias;
- }
-@@ -815,8 +814,8 @@ XkbAddGeomOverlayKey(XkbOverlayPtr overlay,
-         (_XkbAllocOverlayKeys(row, 1) != Success))
-         return NULL;
-     key = &row->keys[row->num_keys];
-    memcpy(key->under.name, under, min(XkbKeyNameLength, strlen(under)));
-    memcpy(key->over.name, over, min(XkbKeyNameLength, strlen(over)));
-+    memcpy(key->under.name, under, strnlen(under, XkbKeyNameLength));
-+    memcpy(key->over.name, over, strnlen(over, XkbKeyNameLength));
-     row->num_keys++;
-     return key;
- }
-- 
-2.13.6
-
--- a/xorg-server-1.20.11.tar.bz2
+++ b/xorg-server-1.20.11.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:914c796e3ffabe1af48071d40ccc85e92117c97a9082ed1df29e4d64e3c34c49
+size 6476116
--- a/xorg-x11-server.changes
+++ b/xorg-x11-server.changes
@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Mon Apr 19 11:29:31 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
+
+- disable build of Xwayland, which is now being built in separate
+  xwayland package with more recent sources (boo#1182677)
+
+-------------------------------------------------------------------
+Tue Apr 13 15:32:45 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
+
+- Update to version 1.20.11
+  * bugfix release
+- supersedes U_Fix-XChangeFeedbackControl-request-underflow.patch,
+  U_xkb-Fix-heap-overflow-caused-by-optimized-away-min.patch
+
+-------------------------------------------------------------------
+Mon Apr 12 10:46:33 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
+
+- U_Fix-XChangeFeedbackControl-request-underflow.patch
+  * Fix XChangeFeedbackControl() request underflow (CVE-2021-3472,
+    ZDI-CAN-1259, bsc#1180128)
+
 -------------------------------------------------------------------
 Wed Mar  3 09:24:59 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>

--- a/xorg-x11-server.spec
+++ b/xorg-x11-server.spec
@ -22,9 +22,8 @@
 %endif

 %define pci_ids_dir %{_datadir}/X11/xorg_pci_ids
-%if 0%{?suse_version} >= 1330 || 0%{?build_xwayland}
-%define have_wayland 1
-%endif
+# now built separately in xwayland pkg with more recent sources (boo#1182677)
+%define have_wayland 0

 %define build_suid_wrapper 1

@ -41,7 +40,7 @@
 %endif

 Name:           xorg-x11-server
-Version:        1.20.10
+Version:        1.20.11
 Release:        0
 URL:            http://xorg.freedesktop.org/
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@ -50,7 +49,7 @@ Summary:        X
 # Source URL: http://xorg.freedesktop.org/archive/individual/xserver/
 License:        MIT
 Group:          System/X11/Servers/XF86_4
-Source0:        xserver-%{version}.tar.xz
+Source0:        xorg-server-%{version}.tar.bz2
 Source1:        sysconfig.displaymanager.template
 Source2:        README.updates
 Source3:        xorgcfg.tar.bz2
@ -242,8 +241,6 @@ Patch1222:      b_sync-fix.patch

 Patch1401:      u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch

-Patch1501:      U_xkb-Fix-heap-overflow-caused-by-optimized-away-min.patch
-
 Patch1502:      U_dix-window-Use-ConfigureWindow-instead-of-MoveWindow.patch

 Patch1503:      u_xfree86-Do-not-claim-pci-slots-if-fb-slot-is-already.patch
@ -361,7 +358,7 @@ Group:          Development/Sources
 This package contains patched sources of X.Org Server.

 %prep
-%setup -q -n xserver-%{version} -a3
+%setup -q -n xorg-server-%{version} -a3
 # Early verification if the ABI Defines are correct. Let's not waste build cycles if the Provides are wrong at the end.
 sh %{SOURCE92} --verify . %{SOURCE91}

@ -400,10 +397,11 @@ sh %{SOURCE92} --verify . %{SOURCE91}
 ### patch222 might not be applicable anymore
 #%patch1222 -p1
 %patch1401 -p1
-%patch1501 -p1
 %patch1502 -p1
 %patch1503 -p1
+%if 0%{?have_wayland} == 1
 %patch1505 -p1
+%endif
 %patch1600 -p1
 %patch1801 -p1
 %patch1900 -p1
--- a/xserver-1.20.10.tar.xz
+++ b/xserver-1.20.10.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a6006d1ece16284ff782ac7a13907c304b1760319cf4678c85a02a9dca6bac85
-size 3112104