pool/xorg-x11-server
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
912 Commits 2 Branches 0 Tags 23 MiB
8f6624618d
Commit Graph

912 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Ana Guerrero
8f6624618d Accepting request 1229142 from X11:XOrg 
- re-added and re-enabled u_xfree86-activate-GPU-screens-on-autobind.patch
  in order to fix the regression of a black screen in login screen
  (SDDM) on some hybrid graphics Laptop (Intel Meteor Lake-P/
  NVIDIA GeForce RTX 4060) (boo#1234301)

OBS-URL: https://build.opensuse.org/request/show/1229142
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=437
 2024-12-09 20:09:44 +00:00
Stefan Dirsch
a39f56179a - re-added and re-enabled u_xfree86-activate-GPU-screens-on-autobind.patch 
in order to fix the regression of a black screen in login screen
  (SDDM) on some hybrid graphics Laptop (Intel Meteor Lake-P/
  NVIDIA GeForce RTX 4060) (boo#1234301)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=900
 2024-12-08 19:14:45 +00:00
Ana Guerrero
214bcc86f2 Accepting request 1228313 from X11:XOrg 
- no longer apply and remove 
  u_xfree86-activate-GPU-screens-on-autobind.patch since it's
  no longer needed and might be harmful even ... (tested
  successfully on Thinkpad P16 with Intel/NVIDIA hybrid graphics)
- remove no longer applied and no longer needed patch 
  n_xserver-optimus-autoconfig-hack.patch (feature implemented
  upstream)

OBS-URL: https://build.opensuse.org/request/show/1228313
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=436
 2024-12-05 16:05:20 +00:00
Stefan Dirsch
f43fd6f711 - no longer apply and remove 
u_xfree86-activate-GPU-screens-on-autobind.patch since it's
  no longer needed and might be harmful even ... (tested
  successfully on Thinkpad P16 with Intel/NVIDIA hybrid graphics)
- remove no longer applied and no longer needed patch 
  n_xserver-optimus-autoconfig-hack.patch (feature implemented
  upstream)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=898
 2024-12-04 13:20:03 +00:00
Ana Guerrero
5674b3a8fa Accepting request 1221609 from X11:XOrg 
- 21.1.14 covers also
  * CVE-2024-31080 (bsc#1222309)
  * CVE-2024-31081 (bsc#1222310) 
  * CVE-2024-31082 (bsc#1222311)
  * CVE-2024-31083 (bsc#1222312)

- Security update 21.1.14
  This release addresses the following security issue
  * CVE-2024-9632: Heap-based buffer overflow privilege escalation
    in _XkbSetCompatMap (bsc#1231565)
- supersedes U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch
- supersedes U_xorg-xserver-e89edec497ba.patch

OBS-URL: https://build.opensuse.org/request/show/1221609
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=435
 2024-11-06 15:49:21 +00:00
Stefan Dirsch
e8016ed6b3 - 21.1.14 covers also 
* CVE-2024-31080 (bsc#1222309)
  * CVE-2024-31081 (bsc#1222310) 
  * CVE-2024-31082 (bsc#1222311)
  * CVE-2024-31083 (bsc#1222312)

- Security update 21.1.14
  This release addresses the following security issue
  * CVE-2024-9632: Heap-based buffer overflow privilege escalation
    in _XkbSetCompatMap (bsc#1231565)
- supersedes U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch
- supersedes U_xorg-xserver-e89edec497ba.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=896
 2024-10-29 19:23:13 +00:00
Ana Guerrero
dd81c855e7 Accepting request 1202929 from X11:XOrg 
- added conflicts to patterns-wsl-tmpfiles to Xserver packages
  as this patterns package creates a symlink from /tmp/.X11-unix to
  /mnt/wslg/.X11-unix and therefore prevents Xservers from creating
  this needed directory (bsc#1230755)

OBS-URL: https://build.opensuse.org/request/show/1202929
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=434
 2024-09-25 19:52:50 +00:00
Stefan Dirsch
3796c8f146 - added conflicts to patterns-wsl-tmpfiles to Xserver packages 
as this patterns package creates a symlink from /tmp/.X11-unix to
  /mnt/wslg/.X11-unix and therefore prevents Xservers from creating
  this needed directory (bsc#1230755)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=894
 2024-09-24 11:37:25 +00:00
Dominique Leuenberger
56a97a1764 Accepting request 1190943 from X11:XOrg 
- Added U_xorg-xserver-e89edec497ba.patch to fix incompatible pointer
  type error with GCC 14.

OBS-URL: https://build.opensuse.org/request/show/1190943
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=433
 2024-08-02 15:25:34 +00:00
Stefan Dirsch
54057616e4 rename latest patch according to our X11:XOrg patch guidelines 
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=892
 2024-08-01 10:34:24 +00:00
Stefan Dirsch
6ff43929b0 Accepting request 1189636 from home:jamborm:gcc14test-m 
- Added xorg-xserver-e89edec497ba.patch to fix incompatible pointer
  type error with GCC 14.

If the request is OK, please forward it to Factory soon too so that we
can switch the default compiler.  Thanks!

OBS-URL: https://build.opensuse.org/request/show/1189636
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=891
 2024-08-01 10:31:47 +00:00
Ana Guerrero
5e96e458ad Accepting request 1188381 from X11:XOrg 
- u_fbdevhw_kernel6.9_break_fbdev_open.patch
  * Linux kernel v6.9 has changed the symlink to point to the
    parent device.  This breaks fbdev_open() detection logic.
    Change it to use the subsystem symlink instead which will
    remain stable (gitlab xserver issue#1714)

OBS-URL: https://build.opensuse.org/request/show/1188381
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=432
 2024-07-19 13:25:43 +00:00
Stefan Dirsch
d1a7e7ee12 - u_fbdevhw_kernel6.9_break_fbdev_open.patch 
* Linux kernel v6.9 has changed the symlink to point to the
    parent device.  This breaks fbdev_open() detection logic.
    Change it to use the subsystem symlink instead which will
    remain stable (gitlab xserver issue#1714)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=889
 2024-07-18 11:00:29 +00:00
Ana Guerrero
a9de2465e4 Accepting request 1180219 from X11:XOrg 
OBS-URL: https://build.opensuse.org/request/show/1180219
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=431
 2024-06-13 13:37:44 +00:00
Stefan Dirsch
2465782129 Accepting request 1180145 from home:dgarcia:branches:X11:XOrg 
- Fix python3 shebang in source python script to use specific python
  interpreter and remove dependency on /usr/bin/python3
  (bsc#1212476)

OBS-URL: https://build.opensuse.org/request/show/1180145
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=887
 2024-06-12 13:13:51 +00:00
Ana Guerrero
6a5a8cfee5 Accepting request 1166666 from X11:XOrg 
- U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch
  * fixes regression for security fix for CVE-2024-31083 (bsc#1222312, 
    boo#1222442, gitlab xserver issue #1659)

OBS-URL: https://build.opensuse.org/request/show/1166666
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=430
 2024-04-11 17:40:24 +00:00
Stefan Dirsch
7cf27825ed - U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch 
* fixes regression for security fix for CVE-2024-31083 (bsc#1222312, 
    boo#1222442, gitlab xserver issue #1659)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=885
 2024-04-10 13:25:42 +00:00
Ana Guerrero
7861952257 Accepting request 1164516 from X11:XOrg 
- Security update 21.1.12
  This release addresses the following 4 security issues:
  * CVE-2024-31080
  * CVE-2024-31081
  * CVE-2024-31082
  * CVE-2024-31083
  Additionally it provides a way to disable byte-swapped clients either by
  command line flag or config option. This allows to turn off byte swapping
  code that has been a source of security problems lately.

OBS-URL: https://build.opensuse.org/request/show/1164516
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=429
 2024-04-04 20:24:46 +00:00
Stefan Dirsch
25a7aa1fcd - Security update 21.1.12 
This release addresses the following 4 security issues:
  * CVE-2024-31080
  * CVE-2024-31081
  * CVE-2024-31082
  * CVE-2024-31083
  Additionally it provides a way to disable byte-swapped clients either by
  command line flag or config option. This allows to turn off byte swapping
  code that has been a source of security problems lately.

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=883
 2024-04-04 08:26:50 +00:00
Ana Guerrero
ea487cfa07 Accepting request 1151681 from X11:XOrg 
OBS-URL: https://build.opensuse.org/request/show/1151681
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=428
 2024-02-27 21:44:47 +00:00
Stefan Dirsch
b5c8d1679f Accepting request 1151307 from home:dimstar:rpm4.20:x 
Prepare for RPM 4.20

OBS-URL: https://build.opensuse.org/request/show/1151307
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=881
 2024-02-26 13:55:25 +00:00
Ana Guerrero
f0d4ba78c8 Accepting request 1148344 from X11:XOrg 
- fix permissions of files in xorg-x11-server-source for tigervnc
  build later (needed since latest autoconf)

- Provide again xorg-x11-server-source
  * xwayland sources are not meant for a generic server.
  * https://github.com/TigerVNC/tigervnc/issues/1728

- Stop providing xorg-x11-server-source from xorg-x11-server
  * Now the sources are provided by xwayland because it is more updated.
  * Fixes bsc#1219892.

OBS-URL: https://build.opensuse.org/request/show/1148344
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=427
 2024-02-23 15:40:13 +00:00
Stefan Dirsch
acf968d516 - fix permissions of files in xorg-x11-server-source for tigervnc 
build later (needed since latest autoconf)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=879
 2024-02-20 20:40:13 +00:00
Stefan Dirsch
041c8cf369 Accepting request 1146918 from home:jtorres:branches:X11:XOrg 
- Provide again xorg-x11-server-source
  * xwayland sources are not meant for a generic server.
  * https://github.com/TigerVNC/tigervnc/issues/1728

OBS-URL: https://build.opensuse.org/request/show/1146918
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=878
 2024-02-15 18:36:36 +00:00
Stefan Dirsch
31a9dd9b98 Accepting request 1146793 from home:jtorres:branches:X11:XOrg 
- Stop providing xorg-x11-server-source from xorg-x11-server
  * Now the sources are provided by xwayland because it is more updated.
  * Fixes bsc#1219892.

OBS-URL: https://build.opensuse.org/request/show/1146793
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=877
 2024-02-15 11:54:17 +00:00
Ana Guerrero
e61d5aaba0 Accepting request 1146120 from X11:XOrg 
- Release 21.1.11 also covers fixes for security issue CVE-2022-46340
  and bug numbers bsc#1205874, bsc#1217765

- Release 21.1.11 covers fixes for the following bug numbers, which
  are not mentioned in this changelog before: bsc#1218845,
  bsc#1218846, bsc#1216261, bsc#1216133, bsc#1216135

- Release 21.1.11 supersedes the following patches still used with
  xorg-x11-server 21.1.4 on sle15-sp5/Leap 15.5 and not mentioned in
  this changelog as superseded before:
  * U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch
  * U_bsc1216133-mi-reset-the-PointerWindows-reference-on-screen-swit.patch
  * U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch
  * U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch
  * U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
  * U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch
  * bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch
  * bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch
  * bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch
  * bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch
  * bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch
  * bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch
  * bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch
  * U_bsc1218845-glx-Call-XACE-hooks-on-the-GLX-buffer.patch
  * U_bsc1218846-ephyr-xwayland-Use-the-proper-private-key-for-cursor.patch

- xserver sources of this release fixes segfault in Xvnc (bsc#1219311)

OBS-URL: https://build.opensuse.org/request/show/1146120
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=426
 2024-02-12 17:51:07 +00:00
Stefan Dirsch
670f3724ce - Release 21.1.11 also covers fixes for security issue CVE-2022-46340 
and bug numbers bsc#1205874, bsc#1217765

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=875
 2024-02-12 10:05:11 +00:00
Stefan Dirsch
2e97444477 - Release 21.1.11 covers fixes for the following bug numbers, which 
are not mentioned in this changelog before: bsc#1218845,
  bsc#1218846, bsc#1216261, bsc#1216133, bsc#1216135

- Release 21.1.11 supersedes the following patches still used with
  xorg-x11-server 21.1.4 on sle15-sp5/Leap 15.5 and not mentioned in
  this changelog as superseded before:
  * U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch
  * U_bsc1216133-mi-reset-the-PointerWindows-reference-on-screen-swit.patch
  * U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch
  * U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch
  * U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
  * U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch
  * bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch
  * bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch
  * bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch
  * bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch
  * bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch
  * bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch
  * bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch
  * U_bsc1218845-glx-Call-XACE-hooks-on-the-GLX-buffer.patch
  * U_bsc1218846-ephyr-xwayland-Use-the-proper-private-key-for-cursor.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=874
 2024-02-11 10:31:45 +00:00
Stefan Dirsch
a80075e194 - xserver sources of this release fixes segfault in Xvnc (bsc#1219311) 
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=873
 2024-02-09 20:19:15 +00:00
Ana Guerrero
974b5eefd5 Accepting request 1142261 from X11:XOrg 
- no longer (build-)require obsolete Xprint/XprintUtil

OBS-URL: https://build.opensuse.org/request/show/1142261
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=425
 2024-01-30 17:23:54 +00:00
Stefan Dirsch
17a63689f9 - no longer (build-)require obsolete Xprint/XprintUtil 
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=871
 2024-01-29 13:10:06 +00:00
Ana Guerrero
9e7dfe9bf7 Accepting request 1139223 from X11:XOrg 
- Update to version 21.1.11
  * This release contains fixes for the issues reported in today's security
    advisory: https://lists.x.org/archives/xorg/2024-January/061525.html
  * CVE-2023-6816  (bsc#1218582)
  * CVE-2024-0229  (bsc#1218583)
  * CVE-2024-21885 (bsc#1218584)
  * CVE-2024-21886 (bsc#1218585)
  * CVE-2024-0408
  * CVE-2024-0409
- supersedes the following patches
  * U_xephyr-Don-t-check-for-SeatId-anymore.patch
  * U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
  * U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch

OBS-URL: https://build.opensuse.org/request/show/1139223
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=424
 2024-01-17 21:15:03 +00:00
Stefan Dirsch
eac62a3a3b - Update to version 21.1.11 
* This release contains fixes for the issues reported in today's security
    advisory: https://lists.x.org/archives/xorg/2024-January/061525.html
  * CVE-2023-6816  (bsc#1218582)
  * CVE-2024-0229  (bsc#1218583)
  * CVE-2024-21885 (bsc#1218584)
  * CVE-2024-21886 (bsc#1218585)
  * CVE-2024-0408
  * CVE-2024-0409
- supersedes the following patches
  * U_xephyr-Don-t-check-for-SeatId-anymore.patch
  * U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
  * U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=869
 2024-01-16 14:20:49 +00:00
Ana Guerrero
4ac071937a Accepting request 1137765 from X11:XOrg 
- u_miCloseScreen_check_for_null_pScreen_dev_private.patch
  * miCloseScreen check for null pScreen dev private (bsc#1218176); 
    another regression introduced by 
    U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch

OBS-URL: https://build.opensuse.org/request/show/1137765
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=423
 2024-01-10 20:51:05 +00:00
Dominique Leuenberger
b0f021b69e Accepting request 1137260 from X11:XOrg 
- n_xserver-optimus-autoconfig-hack.patch
  u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
  u_xfree86-activate-GPU-screens-on-autobind.patch
  * check dixPrivateKeyRegistered(rrPrivKey) before calling
    rrGetScrPriv() to avoid xserver crash when Xinerama is enabled
    (boo#1218240)
 -------------------------------------------------------------------

OBS-URL: https://build.opensuse.org/request/show/1137260
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=422
 2024-01-07 20:39:07 +00:00
Stefan Dirsch
678de8e366 - u_miCloseScreen_check_for_null_pScreen_dev_private.patch 
* miCloseScreen check for null pScreen dev private (bsc#1218176); 
    another regression introduced by 
    U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=866
 2024-01-06 20:07:07 +00:00
Stefan Dirsch
605942037e - n_xserver-optimus-autoconfig-hack.patch 
u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
  u_xfree86-activate-GPU-screens-on-autobind.patch
  * check dixPrivateKeyRegistered(rrPrivKey) before calling
    rrGetScrPriv() to avoid xserver crash when Xinerama is enabled
    (boo#1218240)
 -------------------------------------------------------------------

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=865
 2024-01-06 15:21:02 +00:00
Ana Guerrero
8dca7e3f1a Accepting request 1132834 from X11:XOrg 
- U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
  * Out-of-bounds memory write in XKB button actions (CVE-2023-6377, 
    ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765)
- U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
  * Out-of-bounds memory read in RRChangeOutputProperty and
    RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561,
    bsc#1217766)

OBS-URL: https://build.opensuse.org/request/show/1132834
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=421
 2023-12-14 21:02:29 +00:00
Joan Torres
cdc2ed918d Added missing fixes on U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch. 
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=863
 2023-12-13 10:09:44 +00:00
Joan Torres
d3adf84eb2 - U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch 
* Out-of-bounds memory write in XKB button actions (CVE-2023-6377, 
    ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765)
- U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
  * Out-of-bounds memory read in RRChangeOutputProperty and
    RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561,
    bsc#1217766)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=862
 2023-12-13 09:18:18 +00:00
Ana Guerrero
28b3701e72 Accepting request 1120244 from X11:XOrg 
- Update to version 21.1.9
  * This release contains fixes for CVE-2023-5367, CVE-2023-5380
    and CVE-2023-5574 as reported in today's security advisory:
    https://lists.x.org/archives/xorg-announce/2023-October/003430.html
- adjusted u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch

OBS-URL: https://build.opensuse.org/request/show/1120244
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=420
 2023-10-25 16:02:08 +00:00
Stefan Dirsch
f2b0c39e9f * This release contains fixes for CVE-2023-5367, CVE-2023-5380 
and CVE-2023-5574 as reported in today's security advisory:

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=860
 2023-10-25 12:08:03 +00:00
Stefan Dirsch
5df1139ec3 - Update to version 21.1.9 
* This release contains fixes for CVE-2023-5367 and CVE-2023-5380 as
    reported in today's security advisory:
    https://lists.x.org/archives/xorg-announce/2023-October/003430.html
- adjusted u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=859
 2023-10-25 11:29:21 +00:00
Dominique Leuenberger
b8eaf40ba1 Accepting request 1076666 from X11:XOrg 
OBS-URL: https://build.opensuse.org/request/show/1076666
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=419
 2023-04-02 17:16:56 +00:00
Stefan Dirsch
2444a577fa Accepting request 1076665 from home:iznogood:branches:X11:XOrg 
Tweak .changes entry from my previous sub - add CVE...

OBS-URL: https://build.opensuse.org/request/show/1076665
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=857
 2023-04-01 18:44:04 +00:00
Stefan Dirsch
648f5c3fe3 Accepting request 1076650 from home:iznogood:branches:X11:XOrg 
- Update to version 21.1.8:
  * composite: Fix use-after-free of the COW
  * xkbUtils: use existing symbol names instead of deleted
    deprecated ones
- Drop U_xserver-composite-Fix-use-after-free-of-the-COW.patch:
  Fixed upstream
- Switch back to tarball release, drop source service, add keyring
  and sig files.

OBS-URL: https://build.opensuse.org/request/show/1076650
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=856
 2023-04-01 17:59:31 +00:00
Dominique Leuenberger
5f4493c278 Accepting request 1075267 from X11:XOrg 
This can be checked in now https://lists.x.org/archives/xorg-announce/2023-March/003374.html

- U_xserver-composite-Fix-use-after-free-of-the-COW.patch
  * overlay window use-after-free (CVE-2023-1393, ZDI-CAN-19866,
    bsc#1209543)

OBS-URL: https://build.opensuse.org/request/show/1075267
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=418
 2023-03-30 20:50:52 +00:00
Stefan Dirsch
d2f12e3cf3 - U_xserver-composite-Fix-use-after-free-of-the-COW.patch 
* overlay window use-after-free (CVE-2023-1393, ZDI-CAN-19866,
    bsc#1209543)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=854
 2023-03-29 13:38:58 +00:00
Dominique Leuenberger
b7578ba345 Accepting request 1063640 from X11:XOrg 
- Update to version xorg-server-21.1.7:
  * This release contains the fix for CVE-2023-0494 in today's security
    advisory: 
    https://lists.x.org/archives/xorg-announce/2023-February/003320.html
    It also fixes a second possible OOB access during EnqueueEvent and a
    crasher caused by ResourceClientBits not correctly honouring the
    MaxClients value in the configuration file.
- supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch,
  U_xorg-server-oob-read-enqueue-event.patch

- U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch
  * DeepCopyPointerClasses use-after-free (CVE-2023-0494, 
    ZDI-CAN-19596, bsc#1207783)

OBS-URL: https://build.opensuse.org/request/show/1063640
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=417
 2023-02-08 16:19:52 +00:00
Stefan Dirsch
8832186295 - Update to version xorg-server-21.1.7: 
* This release contains the fix for CVE-2023-0494 in today's security
    advisory: 
    https://lists.x.org/archives/xorg-announce/2023-February/003320.html
    It also fixes a second possible OOB access during EnqueueEvent and a
    crasher caused by ResourceClientBits not correctly honouring the
    MaxClients value in the configuration file.
- supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch,
  U_xorg-server-oob-read-enqueue-event.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=852
 2023-02-07 14:51:52 +00:00