pool/xorg-x11-server
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
899 Commits 1 Branch 0 Tags 18 MiB
a9de2465e4
Commit Graph

899 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Ana Guerrero
a9de2465e4 Accepting request 1180219 from X11:XOrg 
OBS-URL: https://build.opensuse.org/request/show/1180219
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=431
 2024-06-13 13:37:44 +00:00
Stefan Dirsch
2465782129 Accepting request 1180145 from home:dgarcia:branches:X11:XOrg 
- Fix python3 shebang in source python script to use specific python
  interpreter and remove dependency on /usr/bin/python3
  (bsc#1212476)

OBS-URL: https://build.opensuse.org/request/show/1180145
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=887
 2024-06-12 13:13:51 +00:00
Ana Guerrero
6a5a8cfee5 Accepting request 1166666 from X11:XOrg 
- U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch
  * fixes regression for security fix for CVE-2024-31083 (bsc#1222312, 
    boo#1222442, gitlab xserver issue #1659)

OBS-URL: https://build.opensuse.org/request/show/1166666
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=430
 2024-04-11 17:40:24 +00:00
Stefan Dirsch
7cf27825ed - U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch 
* fixes regression for security fix for CVE-2024-31083 (bsc#1222312, 
    boo#1222442, gitlab xserver issue #1659)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=885
 2024-04-10 13:25:42 +00:00
Ana Guerrero
7861952257 Accepting request 1164516 from X11:XOrg 
- Security update 21.1.12
  This release addresses the following 4 security issues:
  * CVE-2024-31080
  * CVE-2024-31081
  * CVE-2024-31082
  * CVE-2024-31083
  Additionally it provides a way to disable byte-swapped clients either by
  command line flag or config option. This allows to turn off byte swapping
  code that has been a source of security problems lately.

OBS-URL: https://build.opensuse.org/request/show/1164516
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=429
 2024-04-04 20:24:46 +00:00
Stefan Dirsch
25a7aa1fcd - Security update 21.1.12 
This release addresses the following 4 security issues:
  * CVE-2024-31080
  * CVE-2024-31081
  * CVE-2024-31082
  * CVE-2024-31083
  Additionally it provides a way to disable byte-swapped clients either by
  command line flag or config option. This allows to turn off byte swapping
  code that has been a source of security problems lately.

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=883
 2024-04-04 08:26:50 +00:00
Ana Guerrero
ea487cfa07 Accepting request 1151681 from X11:XOrg 
OBS-URL: https://build.opensuse.org/request/show/1151681
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=428
 2024-02-27 21:44:47 +00:00
Stefan Dirsch
b5c8d1679f Accepting request 1151307 from home:dimstar:rpm4.20:x 
Prepare for RPM 4.20

OBS-URL: https://build.opensuse.org/request/show/1151307
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=881
 2024-02-26 13:55:25 +00:00
Ana Guerrero
f0d4ba78c8 Accepting request 1148344 from X11:XOrg 
- fix permissions of files in xorg-x11-server-source for tigervnc
  build later (needed since latest autoconf)

- Provide again xorg-x11-server-source
  * xwayland sources are not meant for a generic server.
  * https://github.com/TigerVNC/tigervnc/issues/1728

- Stop providing xorg-x11-server-source from xorg-x11-server
  * Now the sources are provided by xwayland because it is more updated.
  * Fixes bsc#1219892.

OBS-URL: https://build.opensuse.org/request/show/1148344
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=427
 2024-02-23 15:40:13 +00:00
Stefan Dirsch
acf968d516 - fix permissions of files in xorg-x11-server-source for tigervnc 
build later (needed since latest autoconf)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=879
 2024-02-20 20:40:13 +00:00
Stefan Dirsch
041c8cf369 Accepting request 1146918 from home:jtorres:branches:X11:XOrg 
- Provide again xorg-x11-server-source
  * xwayland sources are not meant for a generic server.
  * https://github.com/TigerVNC/tigervnc/issues/1728

OBS-URL: https://build.opensuse.org/request/show/1146918
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=878
 2024-02-15 18:36:36 +00:00
Stefan Dirsch
31a9dd9b98 Accepting request 1146793 from home:jtorres:branches:X11:XOrg 
- Stop providing xorg-x11-server-source from xorg-x11-server
  * Now the sources are provided by xwayland because it is more updated.
  * Fixes bsc#1219892.

OBS-URL: https://build.opensuse.org/request/show/1146793
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=877
 2024-02-15 11:54:17 +00:00
Ana Guerrero
e61d5aaba0 Accepting request 1146120 from X11:XOrg 
- Release 21.1.11 also covers fixes for security issue CVE-2022-46340
  and bug numbers bsc#1205874, bsc#1217765

- Release 21.1.11 covers fixes for the following bug numbers, which
  are not mentioned in this changelog before: bsc#1218845,
  bsc#1218846, bsc#1216261, bsc#1216133, bsc#1216135

- Release 21.1.11 supersedes the following patches still used with
  xorg-x11-server 21.1.4 on sle15-sp5/Leap 15.5 and not mentioned in
  this changelog as superseded before:
  * U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch
  * U_bsc1216133-mi-reset-the-PointerWindows-reference-on-screen-swit.patch
  * U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch
  * U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch
  * U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
  * U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch
  * bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch
  * bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch
  * bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch
  * bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch
  * bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch
  * bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch
  * bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch
  * U_bsc1218845-glx-Call-XACE-hooks-on-the-GLX-buffer.patch
  * U_bsc1218846-ephyr-xwayland-Use-the-proper-private-key-for-cursor.patch

- xserver sources of this release fixes segfault in Xvnc (bsc#1219311)

OBS-URL: https://build.opensuse.org/request/show/1146120
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=426
 2024-02-12 17:51:07 +00:00
Stefan Dirsch
670f3724ce - Release 21.1.11 also covers fixes for security issue CVE-2022-46340 
and bug numbers bsc#1205874, bsc#1217765

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=875
 2024-02-12 10:05:11 +00:00
Stefan Dirsch
2e97444477 - Release 21.1.11 covers fixes for the following bug numbers, which 
are not mentioned in this changelog before: bsc#1218845,
  bsc#1218846, bsc#1216261, bsc#1216133, bsc#1216135

- Release 21.1.11 supersedes the following patches still used with
  xorg-x11-server 21.1.4 on sle15-sp5/Leap 15.5 and not mentioned in
  this changelog as superseded before:
  * U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch
  * U_bsc1216133-mi-reset-the-PointerWindows-reference-on-screen-swit.patch
  * U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch
  * U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch
  * U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
  * U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch
  * bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch
  * bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch
  * bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch
  * bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch
  * bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch
  * bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch
  * bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch
  * U_bsc1218845-glx-Call-XACE-hooks-on-the-GLX-buffer.patch
  * U_bsc1218846-ephyr-xwayland-Use-the-proper-private-key-for-cursor.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=874
 2024-02-11 10:31:45 +00:00
Stefan Dirsch
a80075e194 - xserver sources of this release fixes segfault in Xvnc (bsc#1219311) 
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=873
 2024-02-09 20:19:15 +00:00
Ana Guerrero
974b5eefd5 Accepting request 1142261 from X11:XOrg 
- no longer (build-)require obsolete Xprint/XprintUtil

OBS-URL: https://build.opensuse.org/request/show/1142261
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=425
 2024-01-30 17:23:54 +00:00
Stefan Dirsch
17a63689f9 - no longer (build-)require obsolete Xprint/XprintUtil 
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=871
 2024-01-29 13:10:06 +00:00
Ana Guerrero
9e7dfe9bf7 Accepting request 1139223 from X11:XOrg 
- Update to version 21.1.11
  * This release contains fixes for the issues reported in today's security
    advisory: https://lists.x.org/archives/xorg/2024-January/061525.html
  * CVE-2023-6816  (bsc#1218582)
  * CVE-2024-0229  (bsc#1218583)
  * CVE-2024-21885 (bsc#1218584)
  * CVE-2024-21886 (bsc#1218585)
  * CVE-2024-0408
  * CVE-2024-0409
- supersedes the following patches
  * U_xephyr-Don-t-check-for-SeatId-anymore.patch
  * U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
  * U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch

OBS-URL: https://build.opensuse.org/request/show/1139223
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=424
 2024-01-17 21:15:03 +00:00
Stefan Dirsch
eac62a3a3b - Update to version 21.1.11 
* This release contains fixes for the issues reported in today's security
    advisory: https://lists.x.org/archives/xorg/2024-January/061525.html
  * CVE-2023-6816  (bsc#1218582)
  * CVE-2024-0229  (bsc#1218583)
  * CVE-2024-21885 (bsc#1218584)
  * CVE-2024-21886 (bsc#1218585)
  * CVE-2024-0408
  * CVE-2024-0409
- supersedes the following patches
  * U_xephyr-Don-t-check-for-SeatId-anymore.patch
  * U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
  * U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=869
 2024-01-16 14:20:49 +00:00
Ana Guerrero
4ac071937a Accepting request 1137765 from X11:XOrg 
- u_miCloseScreen_check_for_null_pScreen_dev_private.patch
  * miCloseScreen check for null pScreen dev private (bsc#1218176); 
    another regression introduced by 
    U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch

OBS-URL: https://build.opensuse.org/request/show/1137765
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=423
 2024-01-10 20:51:05 +00:00
Dominique Leuenberger
b0f021b69e Accepting request 1137260 from X11:XOrg 
- n_xserver-optimus-autoconfig-hack.patch
  u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
  u_xfree86-activate-GPU-screens-on-autobind.patch
  * check dixPrivateKeyRegistered(rrPrivKey) before calling
    rrGetScrPriv() to avoid xserver crash when Xinerama is enabled
    (boo#1218240)
 -------------------------------------------------------------------

OBS-URL: https://build.opensuse.org/request/show/1137260
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=422
 2024-01-07 20:39:07 +00:00
Stefan Dirsch
678de8e366 - u_miCloseScreen_check_for_null_pScreen_dev_private.patch 
* miCloseScreen check for null pScreen dev private (bsc#1218176); 
    another regression introduced by 
    U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=866
 2024-01-06 20:07:07 +00:00
Stefan Dirsch
605942037e - n_xserver-optimus-autoconfig-hack.patch 
u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
  u_xfree86-activate-GPU-screens-on-autobind.patch
  * check dixPrivateKeyRegistered(rrPrivKey) before calling
    rrGetScrPriv() to avoid xserver crash when Xinerama is enabled
    (boo#1218240)
 -------------------------------------------------------------------

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=865
 2024-01-06 15:21:02 +00:00
Ana Guerrero
8dca7e3f1a Accepting request 1132834 from X11:XOrg 
- U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
  * Out-of-bounds memory write in XKB button actions (CVE-2023-6377, 
    ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765)
- U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
  * Out-of-bounds memory read in RRChangeOutputProperty and
    RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561,
    bsc#1217766)

OBS-URL: https://build.opensuse.org/request/show/1132834
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=421
 2023-12-14 21:02:29 +00:00
Joan Torres
cdc2ed918d Added missing fixes on U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch. 
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=863
 2023-12-13 10:09:44 +00:00
Joan Torres
d3adf84eb2 - U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch 
* Out-of-bounds memory write in XKB button actions (CVE-2023-6377, 
    ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765)
- U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
  * Out-of-bounds memory read in RRChangeOutputProperty and
    RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561,
    bsc#1217766)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=862
 2023-12-13 09:18:18 +00:00
Ana Guerrero
28b3701e72 Accepting request 1120244 from X11:XOrg 
- Update to version 21.1.9
  * This release contains fixes for CVE-2023-5367, CVE-2023-5380
    and CVE-2023-5574 as reported in today's security advisory:
    https://lists.x.org/archives/xorg-announce/2023-October/003430.html
- adjusted u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch

OBS-URL: https://build.opensuse.org/request/show/1120244
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=420
 2023-10-25 16:02:08 +00:00
Stefan Dirsch
f2b0c39e9f * This release contains fixes for CVE-2023-5367, CVE-2023-5380 
and CVE-2023-5574 as reported in today's security advisory:

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=860
 2023-10-25 12:08:03 +00:00
Stefan Dirsch
5df1139ec3 - Update to version 21.1.9 
* This release contains fixes for CVE-2023-5367 and CVE-2023-5380 as
    reported in today's security advisory:
    https://lists.x.org/archives/xorg-announce/2023-October/003430.html
- adjusted u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=859
 2023-10-25 11:29:21 +00:00
Dominique Leuenberger
b8eaf40ba1 Accepting request 1076666 from X11:XOrg 
OBS-URL: https://build.opensuse.org/request/show/1076666
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=419
 2023-04-02 17:16:56 +00:00
Stefan Dirsch
2444a577fa Accepting request 1076665 from home:iznogood:branches:X11:XOrg 
Tweak .changes entry from my previous sub - add CVE...

OBS-URL: https://build.opensuse.org/request/show/1076665
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=857
 2023-04-01 18:44:04 +00:00
Stefan Dirsch
648f5c3fe3 Accepting request 1076650 from home:iznogood:branches:X11:XOrg 
- Update to version 21.1.8:
  * composite: Fix use-after-free of the COW
  * xkbUtils: use existing symbol names instead of deleted
    deprecated ones
- Drop U_xserver-composite-Fix-use-after-free-of-the-COW.patch:
  Fixed upstream
- Switch back to tarball release, drop source service, add keyring
  and sig files.

OBS-URL: https://build.opensuse.org/request/show/1076650
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=856
 2023-04-01 17:59:31 +00:00
Dominique Leuenberger
5f4493c278 Accepting request 1075267 from X11:XOrg 
This can be checked in now https://lists.x.org/archives/xorg-announce/2023-March/003374.html

- U_xserver-composite-Fix-use-after-free-of-the-COW.patch
  * overlay window use-after-free (CVE-2023-1393, ZDI-CAN-19866,
    bsc#1209543)

OBS-URL: https://build.opensuse.org/request/show/1075267
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=418
 2023-03-30 20:50:52 +00:00
Stefan Dirsch
d2f12e3cf3 - U_xserver-composite-Fix-use-after-free-of-the-COW.patch 
* overlay window use-after-free (CVE-2023-1393, ZDI-CAN-19866,
    bsc#1209543)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=854
 2023-03-29 13:38:58 +00:00
Dominique Leuenberger
b7578ba345 Accepting request 1063640 from X11:XOrg 
- Update to version xorg-server-21.1.7:
  * This release contains the fix for CVE-2023-0494 in today's security
    advisory: 
    https://lists.x.org/archives/xorg-announce/2023-February/003320.html
    It also fixes a second possible OOB access during EnqueueEvent and a
    crasher caused by ResourceClientBits not correctly honouring the
    MaxClients value in the configuration file.
- supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch,
  U_xorg-server-oob-read-enqueue-event.patch

- U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch
  * DeepCopyPointerClasses use-after-free (CVE-2023-0494, 
    ZDI-CAN-19596, bsc#1207783)

OBS-URL: https://build.opensuse.org/request/show/1063640
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=417
 2023-02-08 16:19:52 +00:00
Stefan Dirsch
8832186295 - Update to version xorg-server-21.1.7: 
* This release contains the fix for CVE-2023-0494 in today's security
    advisory: 
    https://lists.x.org/archives/xorg-announce/2023-February/003320.html
    It also fixes a second possible OOB access during EnqueueEvent and a
    crasher caused by ResourceClientBits not correctly honouring the
    MaxClients value in the configuration file.
- supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch,
  U_xorg-server-oob-read-enqueue-event.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=852
 2023-02-07 14:51:52 +00:00
Stefan Dirsch
ac6d09dc19 - U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch 
* DeepCopyPointerClasses use-after-free (CVE-2023-0494, 
    ZDI-CAN-19596, bsc#1207783)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=851
 2023-02-07 02:58:41 +00:00
Dominique Leuenberger
d6612caf84 Accepting request 1060975 from X11:XOrg 
- rename u_xorg-server-oob-read-enqueue-event.patch to 
  U_xorg-server-oob-read-enqueue-event.patch since it's already
  upstream

- Add u_xorg-server-oob-read-enqueue-event.patch: fix an
  out-of-bounds read in EnqueueEvent.

OBS-URL: https://build.opensuse.org/request/show/1060975
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=416
 2023-01-26 12:57:05 +00:00
Stefan Dirsch
130596bd3a fixed patch name in specfile 
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=849
 2023-01-25 16:04:47 +00:00
Stefan Dirsch
07094f5b10 - rename u_xorg-server-oob-read-enqueue-event.patch to 
U_xorg-server-oob-read-enqueue-event.patch since it's already
  upstream

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=848
 2023-01-25 16:03:15 +00:00
Stefan Dirsch
8dd4b14442 Accepting request 1060712 from home:mgorse:branches:X11:XOrg 
- Add u_xorg-server-oob-read-enqueue-event.patch: fix an
  out-of-bounds read in EnqueueEvent.

OBS-URL: https://build.opensuse.org/request/show/1060712
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=847
 2023-01-25 15:59:41 +00:00
Dominique Leuenberger
efa6a83d96 Accepting request 1045913 from X11:XOrg 
OBS-URL: https://build.opensuse.org/request/show/1045913
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=415
 2023-01-01 08:38:20 +00:00
Stefan Dirsch
810aa51f71 Accepting request 1043805 from home:dirkmueller:Factory 
- Update to version xorg-server-21.1.6:
  * xserver 21.1.6
  * Xext: fix invalid event type mask in XTestSwapFakeInput
  * xkb: fix some possible memleaks in XkbGetKbdByName
  * xkb: proof GetCountedString against request length attacks
  * xquartz: Fix some formatting
  * XQuartz: stub: Call LSOpenApplication instead of fork()/exec()
- drop the following upstream patches:
  U_xkb-proof-GetCountedString-against-request-length-at.patch
  U_xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch

- Update to version xorg-server-21.1.5:
  * xkb: reset the radio_groups pointer to NULL after freeing it
  * Xi: avoid integer truncation in length check of ProcXIChangeProperty
  * Xi: return an error from XI property changes if verification failed
  * Xext: free the screen saver resource when replacing it
  * Xext: free the XvRTVideoNotify when turning off from the same client
  * Xi: disallow passive grabs with a detail > 255
  * Xtest: disallow GenericEvents in XTestSwapFakeInput
  * meson: Don't build COMPOSITE for XQuartz
  * xquartz: Move default applications list outside of the main executable
  * xquartz: Remove unused macro (X11LIBDIR)
- drop the following upstream patches:
  U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
  U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
  U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
  U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
  U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
  U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
  U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch

OBS-URL: https://build.opensuse.org/request/show/1043805
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=845
 2022-12-31 12:48:22 +00:00
Dominique Leuenberger
8cc638378f Accepting request 1042895 from X11:XOrg 
- U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
  * XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283,
    bsc#1206017)

- U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch
  * Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265,
    CVE-2022-46340, bsc#1205874)
- U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
  * Xi: return an error from XI property changes if verification
    failed (no ZDI-CAN id, no CVE id, bsc#1205875)
- U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
  * Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405,
    CVE-2022-46344, bsc#1205876)
- U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
  * Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381,
    CVE-2022-46341, bsc#1205877)
- U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
  * Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404,
    CVE-2022-46343, bsc#1205878)
- U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
  * Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400,
    CVE-2022-46342, bsc#1205879)

OBS-URL: https://build.opensuse.org/request/show/1042895
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=414
 2022-12-15 18:24:14 +00:00
Stefan Dirsch
37722e6dc6 - U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch 
* XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283,
    bsc#1206017)

- U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch
  * Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265,
    CVE-2022-46340, bsc#1205874)
- U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
  * Xi: return an error from XI property changes if verification
    failed (no ZDI-CAN id, no CVE id, bsc#1205875)
- U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
  * Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405,
    CVE-2022-46344, bsc#1205876)
- U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
  * Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381,
    CVE-2022-46341, bsc#1205877)
- U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
  * Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404,
    CVE-2022-46343, bsc#1205878)
- U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
  * Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400,
    CVE-2022-46342, bsc#1205879)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=843
 2022-12-14 10:48:59 +00:00
Dominique Leuenberger
810b863b86 Accepting request 1034269 from X11:XOrg 
- Release 21.1 covers bugfixes and JIRA tickets for bsc#1176015,bsc#1182510,bsc#1182884,bsc#1184072,bsc#1184543,bsc#1184906,bsc#1186092,bsc#1188970,bsc#1194159,bsc#1196577,bsc#1197046,bsc#1197269,bsc#1200076,fdo#574,jsc#SLE-18653,jsc#SLE-8470

OBS-URL: https://build.opensuse.org/request/show/1034269
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=413
 2022-11-08 09:53:43 +00:00
Stefan Dirsch
b449042e84 - Release 21.1 covers bugfixes and JIRA tickets for bsc#1176015,bsc#1182510,bsc#1182884,bsc#1184072,bsc#1184543,bsc#1184906,bsc#1186092,bsc#1188970,bsc#1194159,bsc#1196577,bsc#1197046,bsc#1197269,bsc#1200076,fdo#574,jsc#SLE-18653,jsc#SLE-8470 
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=841
 2022-11-07 15:26:36 +00:00
Dominique Leuenberger
1e0cfa540d Accepting request 1034184 from X11:XOrg 
- Release 21.1 supersedes the following patches still used with
  xorg-x11-server 1.20.3 on sle15-sp4/Leap 15.4:
  * U_0002-DRI2-Add-another-Coffeelake-PCI-ID.patch
  * U_0002-Fix-crash-on-XkbSetMap.patch
  * U_0003-Fix-crash-on-XkbSetMap.patch
  * U_0003-dri2-Sync-i965_pci_ids.h-from-mesa.patch
  * U_0004-dri2-Set-fallback-driver-names-for-Intel-and-AMD-chi.patch
  * U_0005-dri2-Sync-i965_pci_ids.h-from-mesa-iris_pci_ids.h.patch
  * U_build-glx-Lower-gl-version-to-work-with-libglvnd.patch
  * U_glamor-Make-pixmap-exportable-from-gbm_bo_from_pixma.patch
  * U_hw_do-not-include-sys-io-with-glibc.patch
  * U_meson-Fix-another-reference-to-gl-9.2.0.patch
  * U_modesetting-Fix-broken-manpage-in-autoconf-build.patch
  * U_present-wnmd-Fix-use-after-free-on-CRTC-removal.patch
  * U_present-wnmd-Relax-assertion-on-CRTC-on-abort_vblank.patch
  * U_xfree86-Change-displays-array-to-pointers-array-to-f.patch
  * U_xfree86-Fix-NULL-pointer-dereference-crash.patch
  * U_xkbsetdeviceinfo.patch
  * u_sync-pci-ids-with-Mesa-21.2.4.patch
  * u_xf86-Accept-devices-with-the-simpledrm-driver.patch
  * u_xichangehierarchy-CVE-2020-14346.patch
  * u_xkb-CVE-2020-14345.patch
  * u_xkb-CVE-2020-14360.patch

OBS-URL: https://build.opensuse.org/request/show/1034184
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=412
 2022-11-07 14:55:55 +00:00
Stefan Dirsch
eddda1e7f0 No relevant changes 
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=839
 2022-11-07 12:36:09 +00:00