* CVE-2021-4009/ZDI-CAN-14950 (bsc#1190487)
The handler for the CreatePointerBarrier request of the XFixes
extension does not properly validate the request length leading
to out of bounds memory write.
- U_Xext-Fix-out-of-bounds-access-in-SProcScreenSaverSus.patch
* CVE-2021-4010/ZDI-CAN-14951 (bsc#1190488)
The handler for the Suspend request of the Screen Saver extension
does not properly validate the request length leading to out of
bounds memory write.
- U_record-Fix-out-of-bounds-access-in-SwapCreateRegiste.patch
* CVE-2021-4011/ZDI-CAN-14952 (bsc#1190489)
The handlers for the RecordCreateContext and RecordRegisterClients
requests of the Record extension do not properly validate the request
length leading to out of bounds memory write.
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=811
* The meson support is now fully mature. While autotools support
will still be kept for this release series, it will be dropped
afterwards.
* Glamor support for Xvfb.
* Variable refresh rate support in the modesetting driver.
* XInput 2.4 support which adds touchpad gestures.
* DMX DDX has been removed.
* X server now correctly reports display DPI in more cases. This
may affect rendering of client applications that have their own
workarounds for hi-DPI screens.
* A large number of small features and various bug fixes.
- updated xorg-server-provides
- supersedes patches
* U_Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch
* U_dix-window-Use-ConfigureWindow-instead-of-MoveWindow.patch
* U_glamor_egl-Reject-OpenGL-2.1-early-on.patch
* u_render-Cast-color-masks-to-unsigned-long-before-shifting-them.patch
- refreshed patches
* N_fix-dpi-values.diff
* N_zap_warning_xserver.diff
* u_modesetting-Fix-dirty-updates-for-sw-rotation.patch
* u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
* u_vesa-Add-VBEDPMSGetCapabilities-VBEDPMSGet.patch
- disabled n_xserver-optimus-autoconfig-hack.patch, which I believe is
superseded by:
commit 078277e4d92f05a90c4715d61b89b9d9d38d68ea
Author: Dave Airlie <airlied@redhat.com>
Date: Fri Aug 17 09:49:24 2012 +1000
xf86: autobind GPUs to the screen
- added pkgconfig(libxcvt)
- cvt binary moved to libxcvt0 package
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=804
- Update to version 1.20.10:
* Check SetMap request length carefully.
* Fix XkbSetDeviceInfo() and SetDeviceIndicators() heap overflows
* present/wnmd: Translate update region to screen space
* modesetting: keep going if a modeset fails on EnterVT
* modesetting: check the kms state on EnterVT
* configure: Build hashtable for Xres and glvnd
* xwayland: Create an xwl_window for toplevel only
* xwayland: non-rootless requires the wl_shell protocol
* glamor: Update pixmap's devKind when making it exportable
* os: Fix instruction pointer written in xorg_backtrace
* present/wnmd: Execute copies at target_msc-1 already
* present/wnmd: Move up present_wnmd_queue_vblank
* present: Add present_vblank::exec_msc field
* present: Move flip target_msc adjustment out of present_vblank_create
* xwayland: Remove pending stream reference when freeing
* xwayland: use drmGetNodeTypeFromFd for checking if a node is a render one
* xwayland: Do not discard frame callbacks on allow commits
* present/wnmd: Remove dead check from present_wnmd_check_flip
* xwayland: Check window pixmap in xwl_present_check_flip2
* present/wnmd: Can't use page flipping for windows clipped by children
* xfree86: Take second reference for SavedCursor in xf86CursorSetCursor
* glamor: Fix glamor_poly_fill_rect_gl xRectangle::width/height handling
* include: Increase the number of max. input devices to 256.
* Revert "linux: Make platform device probe less fragile"
* Revert "linux: Fix platform device PCI detection for complex bus topologies"
* Revert "linux: Fix platform device probe for DT-based PCI"
- Remove included pachtes
* U_xfree86_take_second_ref_for_xcursor.patch
* U_Revert-linux-Fix-platform-device-probe-for-DT-based-.patch
OBS-URL: https://build.opensuse.org/request/show/853603
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=785
* XkbSetMap Out-Of-Bounds Access: Insufficient checks on the
lengths of the XkbSetMap request can lead to out of bounds
memory accesses in the X server. (ZDI-CAN 11572,
CVE-2020-14360, bsc#1174908)
- U_Fix-XkbSetDeviceInfo-and-SetDeviceIndicators-heap-ov.patch
* XkbSetDeviceInfo Heap-based Buffer Overflow: Insufficient
checks on input of the XkbSetDeviceInfo request can lead to a
buffer overflow on the head in the X server. (ZDI-CAN 11389,
CVE-2020-25712, bsc#1177596)
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=782
* replace default config /etc/X11/Xwrapper, which allows
anybody to use the wrapper, by a patch for the code, i.e.
# rootonly, console, anybody
allowed_users=anybody
# yes, no, auto
needs_root_rights=auto
is now the default without any Xwrapper config
(needs_root_rights=auto was already the default before)
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=780
- u_xorg-wrapper-Xserver-Options-Whitelist-Filter.patch
* replaced by improved version written by Matthias Gerstner of
our security team
+ simplified the option parsing code a bit
+ changed the "ignore forbidden argument" logic into an "abort
on forbidden argument" logic. This is safer and avoids
surprises on the user's end that could occur if the desired
command line arguments aren't effective but the Xorg server is
still started.
+ tried to adjust to the coding style present in the file
(mostly the function name)
+ added some logic to apply the option filtering only to
non-root users when Xorg is actually started as root. This
should allow for full flexibility if root calls the wrapper or
if the Xorg server only runs with user privileges.
- n_xorg-wrapper-rename-Xorg.patch
* moved Xorg to Xorg.bin and Xorg.sh to Xorg (boo#1175867)
- change default for needs_root_rights to auto in Xwrapper.config
(boo#1175867)
- reenabled SUID wrapper for TW (boo#1175867)
- u_xorg-wrapper-Xserver-Options-Whitelist-Filter.patch
* Xserver option whitelist filter (boo#1175867)
OBS-URL: https://build.opensuse.org/request/show/838619
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=779
* Revert "dri2: Don't make reference to noClientException"
* dix: Check for NULL spriteInfo in GetPairedDevice
* os: Ignore dying client in ResetCurrentRequest
* modesetting: remove unnecessary error message, fix zaphod leases
* Fix building with `-fno-common`
* xwayland: clear pixmaps after creation in rootless mode
* glamor: Fix a compiler warning since the recent OOM fixes.
* Restrict 1x1 pixmap filling optimization to GXcopy
* Add xf86OSInputThreadInit to stub os-support as well
* Fix old-style definition warning for xf86OSInputThreadInit()
* xwayland/glamor-gbm: Handle DRM_FORMAT_MOD_INVALID gracefully
* configure: Define GLAMOR_HAS_EGL_QUERY_DRIVER when available
* modesetting: Disable atomic support by default
* modesetting: Explicitly #include "mi.h"
* xfree86/modes: Bail from xf86RotateRedisplay if pScreen->root is NULL
* xwayland: Split up xwl_screen_post_damage into two phases
* xwayland: Call glamor_block_handler from xwl_screen_post_damage
* xwayland: Add xwl_window_create_frame_callback helper
* xwayland: Use single frame callback for Present flips and normal updates
* xwayland: Use frame callbacks for Present vblank events
* xwayland: Delete all frame_callback_list nodes in xwl_unrealize_window
* glamor: Propagate FBO allocation failure for picture to texture upload
* glamor: Error out on out-of-memory when allocating PBO for FBO access
* glamor: Propagate glamor_prepare_access failures in copy helpers
* glamor: Fallback to system memory for RW PBO buffer allocation
- supersedes u_fno-common.patch
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=761
* xserver 1.20.7
* ospoll: Fix Solaris ports implementation to build on Solaris 11.4
* os-support/solaris: Set IOPL for input thread too
* Add xf86OSInputThreadInit call from common layer into os-support layer
* Add ddxInputThread call from os layer into ddx layer
* os-support/solaris: Drop ExtendedEnabled global variable
* glamor: Only use dual blending with GLSL >= 1.30
* modesetting: Check whether RandR was initialized before calling rrGetScrPriv
* Xi: return AlreadyGrabbed for key grabs > 255
* xwayland: Do flush GPU work in xwl_present_flush
* modesetting: Clear new screen pixmap storage on RandR resize
* xfree86/modes: Call xf86RotateRedisplay from xf86CrtcRotate
* modesetting: Call glamor_finish from drmmode_crtc_set_mode
* modesetting: Use EGL_MESA_query_driver to select DRI driver if possible
* glamor: Add a function to get the driver name via EGL_MESA_query_driver
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=755
- Update to version 1.20.6+0:
* xfree86: Test presence of isastream()
* present/wnmd: Relax assertion on CRTC on abort_vblank()
* os: Don't crash in AttendClient if the client is gone
* dix: Call SourceValidate before GetImage
* mi: Add a default no-op miSourceValidate
* compiler.h: Do not include sys/io.h on ARM with glibc
* xfree86: Call ScreenInit for protocol screens before GPU
screens
* modesetting:
- Implement ms_covering_randr_crtc() for ms_present_get_crtc()
- Fix ms_covering_crtc() segfault with non-xf86Crtc slave
OBS-URL: https://build.opensuse.org/request/show/750436
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=751
which is available since release 435.xx:
0001-xsync-Add-resource-inside-of-SyncCreate-export-SyncC.patch,
0002-GLX-Add-a-per-client-vendor-mapping.patch,
0003-GLX-Use-the-sending-client-for-looking-up-XID-s.patch,
0004-GLX-Add-a-function-to-change-a-clients-vendor-list.patch,
0005-GLX-Set-GlxServerExports-major-minor-Version.patch
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=742