pool/xwayland
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Update to version 24.1.6:

Browse Source 
* This release contains the fixes for the issues reported in
    today's security advisory: https://lists.x.org/archives/xorg-announce/2025-February/003584.html
    CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597,
    CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601.
  * Additionally, it reverts a recent Xkb change to fix an issue
    with gamescope.
- Drop patches fixed upstream:
  * U_CVE-2025-26594-0001-Cursor-Refuse-to-free-the-root-cursor.patch
  * U_CVE-2025-26594-0002-dix-keep-a-ref-to-the-rootCursor.patch
  * U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch
  * U_CVE-2025-26596-0001-xkb-Fix-computation-of-XkbSizeKeySyms.patch
  * U_CVE-2025-26597-0001-xkb-Fix-buffer-overflow-in-XkbChangeTypesOfKey.patch
  * U_CVE-2025-26598-0001-Xi-Fix-barrier-device-search.patch
  * U_CVE-2025-26599-0001-composite-Handle-failure-to-redirect-in-compRedirect.patch
  * U_CVE-2025-26599-0002-composite-initialize-border-clip-even-when-pixmap-al.patch
  * U_CVE-2025-26600-0001-dix-Dequeue-pending-events-on-frozen-device-on-remov.patch
  * U_CVE-2025-26601-0001-sync-Do-not-let-sync-objects-uninitialized.patch
  * U_CVE-2025-26601-0002-sync-Check-values-before-applying-changes.patch
  * U_CVE-2025-26601-0003-sync-Do-not-fail-SyncAddTriggerToSyncObject.patch
  * U_CVE-2025-26601-0004-sync-Apply-changes-last-in-SyncChangeAlarmAttributes.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xwayland?expand=0&rev=100
This commit is contained in:
Stefan Dirsch 2025-02-26 18:05:32 +00:00 committed by Git OBS Bridge
commit ed85a28b3f
30 changed files with 2090 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.osc

49
U_CVE-2025-26594-0001-Cursor-Refuse-to-free-the-root-cursor.patch Normal file
View File

@ -0,0 +1,49 @@
From efca605c45ff51b57f136222b966ce1d610ebc33 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Wed, 27 Nov 2024 11:27:05 +0100
Subject: [PATCH xserver 1/2] Cursor: Refuse to free the root cursor
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If a cursor reference count drops to 0, the cursor is freed.
The root cursor however is referenced with a specific global variable,
and when the root cursor is freed, the global variable may still point
to freed memory.
Make sure to prevent the rootCursor from being explicitly freed by a
client.
CVE-2025-26594, ZDI-CAN-25544
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
v2: Explicitly forbid XFreeCursor() on the root cursor (Peter Hutterer
<peter.hutterer@who-t.net>)
v3: Return BadCursor instead of BadValue (Michel Dänzer
<michel@daenzer.net>)
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Suggested-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
---
dix/dispatch.c | 4 ++++
1 file changed, 4 insertions(+)
Index: xwayland-24.1.4/dix/dispatch.c
===================================================================
--- xwayland-24.1.4.orig/dix/dispatch.c
+++ xwayland-24.1.4/dix/dispatch.c
@@ -3106,6 +3106,10 @@ ProcFreeCursor(ClientPtr client)
rc = dixLookupResourceByType((void **) &pCursor, stuff->id, RT_CURSOR,
client, DixDestroyAccess);
if (rc == Success) {
+ if (pCursor == rootCursor) {
+ client->errorValue = stuff->id;
+ return BadCursor;
+ }
FreeResource(stuff->id, RT_NONE);
return Success;
}

43
U_CVE-2025-26594-0002-dix-keep-a-ref-to-the-rootCursor.patch Normal file
View File

@ -0,0 +1,43 @@
From ded614e74e7175927dd2bc5ef69accaf2de29939 Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Wed, 4 Dec 2024 15:49:43 +1000
Subject: [PATCH xserver 2/2] dix: keep a ref to the rootCursor
CreateCursor returns a cursor with refcount 1 - that refcount is used by
the resource system, any caller needs to call RefCursor to get their own
reference. That happens correctly for normal cursors but for our
rootCursor we keep a variable to the cursor despite not having a ref for
ourselves.
Fix this by reffing/unreffing the rootCursor to ensure our pointer is
valid.
Related to CVE-2025-26594, ZDI-CAN-25544
Reviewed-by: Olivier Fourdan <ofourdan@redhat.com>
---
dix/main.c | 4 ++++
1 file changed, 4 insertions(+)
Index: xwayland-24.1.4/dix/main.c
===================================================================
--- xwayland-24.1.4.orig/dix/main.c
+++ xwayland-24.1.4/dix/main.c
@@ -234,6 +234,8 @@ dix_main(int argc, char *argv[], char *e
FatalError("could not open default cursor font");
}
+ rootCursor = RefCursor(rootCursor);
+
#ifdef PANORAMIX
/*
* Consolidate window and colourmap information for each screen
@@ -274,6 +276,8 @@ dix_main(int argc, char *argv[], char *e
Dispatch();
+ UnrefCursor(rootCursor);
+
UndisplayDevices();
DisableAllDevices();

57
U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch Normal file
View File

@ -0,0 +1,57 @@
From 98602942c143075ab7464f917e0fc5d31ce28c3f Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Wed, 27 Nov 2024 14:41:45 +0100
Subject: [PATCH xserver] xkb: Fix buffer overflow in XkbVModMaskText()
The code in XkbVModMaskText() allocates a fixed sized buffer on the
stack and copies the virtual mod name.
There's actually two issues in the code that can lead to a buffer
overflow.
First, the bound check mixes pointers and integers using misplaced
parenthesis, defeating the bound check.
But even though, if the check fails, the data is still copied, so the
stack overflow will occur regardless.
Change the logic to skip the copy entirely if the bound check fails.
CVE-2025-26595, ZDI-CAN-25545
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
---
xkb/xkbtext.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
Index: xwayland-24.1.4/xkb/xkbtext.c
===================================================================
--- xwayland-24.1.4.orig/xkb/xkbtext.c
+++ xwayland-24.1.4/xkb/xkbtext.c
@@ -174,14 +174,14 @@ XkbVModMaskText(XkbDescPtr xkb,
len = strlen(tmp) + 1 + (str == buf ? 0 : 1);
if (format == XkbCFile)
len += 4;
- if ((str - (buf + len)) <= VMOD_BUFFER_SIZE) {
- if (str != buf) {
- if (format == XkbCFile)
- *str++ = '|';
- else
- *str++ = '+';
- len--;
- }
+ if ((str - buf) + len > VMOD_BUFFER_SIZE)
+ continue; /* Skip */
+ if (str != buf) {
+ if (format == XkbCFile)
+ *str++ = '|';
+ else
+ *str++ = '+';
+ len--;
}
if (format == XkbCFile)
sprintf(str, "%sMask", tmp);

41
U_CVE-2025-26596-0001-xkb-Fix-computation-of-XkbSizeKeySyms.patch Normal file
View File

@ -0,0 +1,41 @@
From b41f6fce201e77a174550935330e2f7772d4adf9 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Thu, 28 Nov 2024 11:49:34 +0100
Subject: [PATCH xserver] xkb: Fix computation of XkbSizeKeySyms
The computation of the length in XkbSizeKeySyms() differs from what is
actually written in XkbWriteKeySyms(), leading to a heap overflow.
Fix the calculation in XkbSizeKeySyms() to match what kbWriteKeySyms()
does.
CVE-2025-26596, ZDI-CAN-25543
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
---
xkb/xkb.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
Index: xwayland-24.1.4/xkb/xkb.c
===================================================================
--- xwayland-24.1.4.orig/xkb/xkb.c
+++ xwayland-24.1.4/xkb/xkb.c
@@ -1092,10 +1092,10 @@ XkbSizeKeySyms(XkbDescPtr xkb, xkbGetMap
len = rep->nKeySyms * SIZEOF(xkbSymMapWireDesc);
symMap = &xkb->map->key_sym_map[rep->firstKeySym];
for (i = nSyms = 0; i < rep->nKeySyms; i++, symMap++) {
- if (symMap->offset != 0) {
- nSymsThisKey = XkbNumGroups(symMap->group_info) * symMap->width;
- nSyms += nSymsThisKey;
- }
+ nSymsThisKey = XkbNumGroups(symMap->group_info) * symMap->width;
+ if (nSymsThisKey == 0)
+ continue;
+ nSyms += nSymsThisKey;
}
len += nSyms * 4;
rep->totalSyms = nSyms;

38
U_CVE-2025-26597-0001-xkb-Fix-buffer-overflow-in-XkbChangeTypesOfKey.patch Normal file
View File

@ -0,0 +1,38 @@
From c5114475db18f29d639537d60e135bdfc11a5d3a Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Thu, 28 Nov 2024 14:09:04 +0100
Subject: [PATCH xserver] xkb: Fix buffer overflow in XkbChangeTypesOfKey()
If XkbChangeTypesOfKey() is called with nGroups == 0, it will resize the
key syms to 0 but leave the key actions unchanged.
If later, the same function is called with a non-zero value for nGroups,
this will cause a buffer overflow because the key actions are of the wrong
size.
To avoid the issue, make sure to resize both the key syms and key actions
when nGroups is 0.
CVE-2025-26597, ZDI-CAN-25683
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
---
xkb/XKBMisc.c | 1 +
1 file changed, 1 insertion(+)
Index: xwayland-24.1.4/xkb/XKBMisc.c
===================================================================
--- xwayland-24.1.4.orig/xkb/XKBMisc.c
+++ xwayland-24.1.4/xkb/XKBMisc.c
@@ -552,6 +552,7 @@ XkbChangeTypesOfKey(XkbDescPtr xkb,
i = XkbSetNumGroups(i, 0);
xkb->map->key_sym_map[key].group_info = i;
XkbResizeKeySyms(xkb, key, 0);
+ XkbResizeKeyActions(xkb, key, 0);
return Success;
}

112
U_CVE-2025-26598-0001-Xi-Fix-barrier-device-search.patch Normal file
View File

@ -0,0 +1,112 @@
From 0f5ea9d269ac6225bcb302a1ec0f58878114da9f Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Mon, 16 Dec 2024 11:25:11 +0100
Subject: [PATCH xserver] Xi: Fix barrier device search
The function GetBarrierDevice() would search for the pointer device
based on its device id and return the matching value, or supposedly NULL
if no match was found.
Unfortunately, as written, it would return the last element of the list
if no matching device id was found which can lead to out of bounds
memory access.
Fix the search function to return NULL if not matching device is found,
and adjust the callers to handle the case where the device cannot be
found.
CVE-2025-26598, ZDI-CAN-25740
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
---
Xi/xibarriers.c | 27 +++++++++++++++++++++++----
1 file changed, 23 insertions(+), 4 deletions(-)
Index: xwayland-24.1.4/Xi/xibarriers.c
===================================================================
--- xwayland-24.1.4.orig/Xi/xibarriers.c
+++ xwayland-24.1.4/Xi/xibarriers.c
@@ -129,14 +129,15 @@ static void FreePointerBarrierClient(str
static struct PointerBarrierDevice *GetBarrierDevice(struct PointerBarrierClient *c, int deviceid)
{
- struct PointerBarrierDevice *pbd = NULL;
+ struct PointerBarrierDevice *p, *pbd = NULL;
- xorg_list_for_each_entry(pbd, &c->per_device, entry) {
- if (pbd->deviceid == deviceid)
+ xorg_list_for_each_entry(p, &c->per_device, entry) {
+ if (p->deviceid == deviceid) {
+ pbd = p;
break;
+ }
}
- BUG_WARN(!pbd);
return pbd;
}
@@ -337,6 +338,9 @@ barrier_find_nearest(BarrierScreenPtr cs
double distance;
pbd = GetBarrierDevice(c, dev->id);
+ if (!pbd)
+ continue;
+
if (pbd->seen)
continue;
@@ -445,6 +449,9 @@ input_constrain_cursor(DeviceIntPtr dev,
nearest = &c->barrier;
pbd = GetBarrierDevice(c, master->id);
+ if (!pbd)
+ continue;
+
new_sequence = !pbd->hit;
pbd->seen = TRUE;
@@ -485,6 +492,9 @@ input_constrain_cursor(DeviceIntPtr dev,
int flags = 0;
pbd = GetBarrierDevice(c, master->id);
+ if (!pbd)
+ continue;
+
pbd->seen = FALSE;
if (!pbd->hit)
continue;
@@ -679,6 +689,9 @@ BarrierFreeBarrier(void *data, XID id)
continue;
pbd = GetBarrierDevice(c, dev->id);
+ if (!pbd)
+ continue;
+
if (!pbd->hit)
continue;
@@ -738,6 +751,8 @@ static void remove_master_func(void *res
barrier = container_of(b, struct PointerBarrierClient, barrier);
pbd = GetBarrierDevice(barrier, *deviceid);
+ if (!pbd)
+ return;
if (pbd->hit) {
BarrierEvent ev = {
@@ -903,6 +918,10 @@ ProcXIBarrierReleasePointer(ClientPtr cl
barrier = container_of(b, struct PointerBarrierClient, barrier);
pbd = GetBarrierDevice(barrier, dev->id);
+ if (!pbd) {
+ client->errorValue = dev->id;
+ return BadDevice;
+ }
if (pbd->barrier_event_id == event_id)
pbd->release_event_id = event_id;

59
U_CVE-2025-26599-0001-composite-Handle-failure-to-redirect-in-compRedirect.patch Normal file
View File

@ -0,0 +1,59 @@
From 10a24e364ac15983051d0bb90817c88bbe107036 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Tue, 17 Dec 2024 15:19:45 +0100
Subject: [PATCH xserver 1/2] composite: Handle failure to redirect in
compRedirectWindow()
The function compCheckRedirect() may fail if it cannot allocate the
backing pixmap.
In that case, compRedirectWindow() will return a BadAlloc error.
However that failure code path will shortcut the validation of the
window tree marked just before, which leaves the validate data partly
initialized.
That causes a use of uninitialized pointer later.
The fix is to not shortcut the call to compHandleMarkedWindows() even in
the case of compCheckRedirect() returning an error.
CVE-2025-26599, ZDI-CAN-25851
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Acked-by: Peter Hutterer <peter.hutterer@who-t.net>
---
composite/compalloc.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
Index: xwayland-24.1.4/composite/compalloc.c
===================================================================
--- xwayland-24.1.4.orig/composite/compalloc.c
+++ xwayland-24.1.4/composite/compalloc.c
@@ -140,6 +140,7 @@ compRedirectWindow(ClientPtr pClient, Wi
CompScreenPtr cs = GetCompScreen(pWin->drawable.pScreen);
WindowPtr pLayerWin;
Bool anyMarked = FALSE;
+ int status = Success;
if (pWin == cs->pOverlayWin) {
return Success;
@@ -218,13 +219,13 @@ compRedirectWindow(ClientPtr pClient, Wi
if (!compCheckRedirect(pWin)) {
FreeResource(ccw->id, RT_NONE);
- return BadAlloc;
+ status = BadAlloc;
}
if (anyMarked)
compHandleMarkedWindows(pWin, pLayerWin);
- return Success;
+ return status;
}
void

121
U_CVE-2025-26599-0002-composite-initialize-border-clip-even-when-pixmap-al.patch Normal file
View File

@ -0,0 +1,121 @@
From f5ce639ff9d3af05e79efce6c51e084352d28ed1 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Mon, 13 Jan 2025 16:09:43 +0100
Subject: [PATCH xserver 2/2] composite: initialize border clip even when
pixmap alloc fails
If it fails to allocate the pixmap, the function compAllocPixmap() would
return early and leave the borderClip region uninitialized, which may
lead to the use of uninitialized value as reported by valgrind:
Conditional jump or move depends on uninitialised value(s)
at 0x4F9B33: compClipNotify (compwindow.c:317)
by 0x484FC9: miComputeClips (mivaltree.c:476)
by 0x48559A: miValidateTree (mivaltree.c:679)
by 0x4F0685: MapWindow (window.c:2693)
by 0x4A344A: ProcMapWindow (dispatch.c:922)
by 0x4A25B5: Dispatch (dispatch.c:560)
by 0x4B082A: dix_main (main.c:282)
by 0x429233: main (stubmain.c:34)
Uninitialised value was created by a heap allocation
at 0x4841866: malloc (vg_replace_malloc.c:446)
by 0x4F47BC: compRedirectWindow (compalloc.c:171)
by 0x4FA8AD: compCreateWindow (compwindow.c:592)
by 0x4EBB89: CreateWindow (window.c:925)
by 0x4A2E6E: ProcCreateWindow (dispatch.c:768)
by 0x4A25B5: Dispatch (dispatch.c:560)
by 0x4B082A: dix_main (main.c:282)
by 0x429233: main (stubmain.c:34)
Conditional jump or move depends on uninitialised value(s)
at 0x48EEDBC: pixman_region_translate (pixman-region.c:2233)
by 0x4F9255: RegionTranslate (regionstr.h:312)
by 0x4F9B7E: compClipNotify (compwindow.c:319)
by 0x484FC9: miComputeClips (mivaltree.c:476)
by 0x48559A: miValidateTree (mivaltree.c:679)
by 0x4F0685: MapWindow (window.c:2693)
by 0x4A344A: ProcMapWindow (dispatch.c:922)
by 0x4A25B5: Dispatch (dispatch.c:560)
by 0x4B082A: dix_main (main.c:282)
by 0x429233: main (stubmain.c:34)
Uninitialised value was created by a heap allocation
at 0x4841866: malloc (vg_replace_malloc.c:446)
by 0x4F47BC: compRedirectWindow (compalloc.c:171)
by 0x4FA8AD: compCreateWindow (compwindow.c:592)
by 0x4EBB89: CreateWindow (window.c:925)
by 0x4A2E6E: ProcCreateWindow (dispatch.c:768)
by 0x4A25B5: Dispatch (dispatch.c:560)
by 0x4B082A: dix_main (main.c:282)
by 0x429233: main (stubmain.c:34)
Conditional jump or move depends on uninitialised value(s)
at 0x48EEE33: UnknownInlinedFun (pixman-region.c:2241)
by 0x48EEE33: pixman_region_translate (pixman-region.c:2225)
by 0x4F9255: RegionTranslate (regionstr.h:312)
by 0x4F9B7E: compClipNotify (compwindow.c:319)
by 0x484FC9: miComputeClips (mivaltree.c:476)
by 0x48559A: miValidateTree (mivaltree.c:679)
by 0x4F0685: MapWindow (window.c:2693)
by 0x4A344A: ProcMapWindow (dispatch.c:922)
by 0x4A25B5: Dispatch (dispatch.c:560)
by 0x4B082A: dix_main (main.c:282)
by 0x429233: main (stubmain.c:34)
Uninitialised value was created by a heap allocation
at 0x4841866: malloc (vg_replace_malloc.c:446)
by 0x4F47BC: compRedirectWindow (compalloc.c:171)
by 0x4FA8AD: compCreateWindow (compwindow.c:592)
by 0x4EBB89: CreateWindow (window.c:925)
by 0x4A2E6E: ProcCreateWindow (dispatch.c:768)
by 0x4A25B5: Dispatch (dispatch.c:560)
by 0x4B082A: dix_main (main.c:282)
by 0x429233: main (stubmain.c:34)
Fix compAllocPixmap() to initialize the border clip even if the creation
of the backing pixmap has failed, to avoid depending later on
uninitialized border clip values.
Related to CVE-2025-26599, ZDI-CAN-25851
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Acked-by: Peter Hutterer <peter.hutterer@who-t.net>
---
composite/compalloc.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
Index: xwayland-24.1.4/composite/compalloc.c
===================================================================
--- xwayland-24.1.4.orig/composite/compalloc.c
+++ xwayland-24.1.4/composite/compalloc.c
@@ -606,9 +606,12 @@ compAllocPixmap(WindowPtr pWin)
int h = pWin->drawable.height + (bw << 1);
PixmapPtr pPixmap = compNewPixmap(pWin, x, y, w, h);
CompWindowPtr cw = GetCompWindow(pWin);
+ Bool status;
- if (!pPixmap)
- return FALSE;
+ if (!pPixmap) {
+ status = FALSE;
+ goto out;
+ }
if (cw->update == CompositeRedirectAutomatic)
pWin->redirectDraw = RedirectDrawAutomatic;
else
@@ -622,14 +625,16 @@ compAllocPixmap(WindowPtr pWin)
DamageRegister(&pWin->drawable, cw->damage);
cw->damageRegistered = TRUE;
}
+ status = TRUE;
+out:
/* Make sure our borderClip is up to date */
RegionUninit(&cw->borderClip);
RegionCopy(&cw->borderClip, &pWin->borderClip);
cw->borderClipX = pWin->drawable.x;
cw->borderClipY = pWin->drawable.y;
- return TRUE;
+ return status;
}
void

61
U_CVE-2025-26600-0001-dix-Dequeue-pending-events-on-frozen-device-on-remov.patch Normal file
View File

@ -0,0 +1,61 @@
From 70ad5d36ae80f6e5a436eabfee642c2c013e51cc Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Mon, 16 Dec 2024 16:18:04 +0100
Subject: [PATCH xserver] dix: Dequeue pending events on frozen device on
removal
When a device is removed while still frozen, the events queued for that
device remain while the device itself is freed.
As a result, replaying the events will cause a use after free.
To avoid the issue, make sure to dequeue and free any pending events on
a frozen device when removed.
CVE-2025-26600, ZDI-CAN-25871
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
---
dix/devices.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
Index: xwayland-24.1.4/dix/devices.c
===================================================================
--- xwayland-24.1.4.orig/dix/devices.c
+++ xwayland-24.1.4/dix/devices.c
@@ -981,6 +981,23 @@ FreeAllDeviceClasses(ClassesPtr classes)
}
+static void
+FreePendingFrozenDeviceEvents(DeviceIntPtr dev)
+{
+ QdEventPtr qe, tmp;
+
+ if (!dev->deviceGrab.sync.frozen)
+ return;
+
+ /* Dequeue any frozen pending events */
+ xorg_list_for_each_entry_safe(qe, tmp, &syncEvents.pending, next) {
+ if (qe->device == dev) {
+ xorg_list_del(&qe->next);
+ free(qe);
+ }
+ }
+}
+
/**
* Close down a device and free all resources.
* Once closed down, the driver will probably not expect you that you'll ever
@@ -1045,6 +1062,7 @@ CloseDevice(DeviceIntPtr dev)
valuator_mask_free(&dev->last.touches[j].valuators);
free(dev->last.touches);
dev->config_info = NULL;
+ FreePendingFrozenDeviceEvents(dev);
dixFreePrivates(dev->devPrivates, PRIVATE_DEVICE);
free(dev);
}

66
U_CVE-2025-26601-0001-sync-Do-not-let-sync-objects-uninitialized.patch Normal file
View File

@ -0,0 +1,66 @@
From 573a2265aacfeaddcc1bb001905a6f7d4fa15ee6 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Mon, 20 Jan 2025 16:52:01 +0100
Subject: [PATCH xserver 1/4] sync: Do not let sync objects uninitialized
When changing an alarm, the change mask values are evaluated one after
the other, changing the trigger values as requested and eventually,
SyncInitTrigger() is called.
SyncInitTrigger() will evaluate the XSyncCACounter first and may free
the existing sync object.
Other changes are then evaluated and may trigger an error and an early
return, not adding the new sync object.
This can be used to cause a use after free when the alarm eventually
triggers.
To avoid the issue, delete the existing sync object as late as possible
only once we are sure that no further error will cause an early exit.
CVE-2025-26601, ZDI-CAN-25870
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
---
Xext/sync.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/Xext/sync.c b/Xext/sync.c
index b6417b3b0..4267d3af6 100644
--- a/Xext/sync.c
+++ b/Xext/sync.c
@@ -330,11 +330,6 @@ SyncInitTrigger(ClientPtr client, SyncTrigger * pTrigger, XID syncObject,
client->errorValue = syncObject;
return rc;
}
- if (pSync != pTrigger->pSync) { /* new counter for trigger */
- SyncDeleteTriggerFromSyncObject(pTrigger);
- pTrigger->pSync = pSync;
- newSyncObject = TRUE;
- }
}
/* if system counter, ask it what the current value is */
@@ -402,6 +397,14 @@ SyncInitTrigger(ClientPtr client, SyncTrigger * pTrigger, XID syncObject,
}
}
+ if (changes & XSyncCACounter) {
+ if (pSync != pTrigger->pSync) { /* new counter for trigger */
+ SyncDeleteTriggerFromSyncObject(pTrigger);
+ pTrigger->pSync = pSync;
+ newSyncObject = TRUE;
+ }
+ }
+
/* we wait until we're sure there are no errors before registering
* a new counter on a trigger
*/
--
2.48.1

80
U_CVE-2025-26601-0002-sync-Check-values-before-applying-changes.patch Normal file
View File

@ -0,0 +1,80 @@
From 7dc3f11abb51cad8a59ecbff5278c8c8a318df41 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Mon, 20 Jan 2025 16:54:30 +0100
Subject: [PATCH xserver 2/4] sync: Check values before applying changes
In SyncInitTrigger(), we would set the CheckTrigger function before
validating the counter value.
As a result, if the counter value overflowed, we would leave the
function SyncInitTrigger() with the CheckTrigger applied but without
updating the trigger object.
To avoid that issue, move the portion of code checking for the trigger
check value before updating the CheckTrigger function.
Related to CVE-2025-26601, ZDI-CAN-25870
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
---
Xext/sync.c | 36 ++++++++++++++++++------------------
1 file changed, 18 insertions(+), 18 deletions(-)
diff --git a/Xext/sync.c b/Xext/sync.c
index 4267d3af6..4eab5a6ac 100644
--- a/Xext/sync.c
+++ b/Xext/sync.c
@@ -351,6 +351,24 @@ SyncInitTrigger(ClientPtr client, SyncTrigger * pTrigger, XID syncObject,
}
}
+ if (changes & (XSyncCAValueType | XSyncCAValue)) {
+ if (pTrigger->value_type == XSyncAbsolute)
+ pTrigger->test_value = pTrigger->wait_value;
+ else { /* relative */
+ Bool overflow;
+
+ if (pCounter == NULL)
+ return BadMatch;
+
+ overflow = checked_int64_add(&pTrigger->test_value,
+ pCounter->value, pTrigger->wait_value);
+ if (overflow) {
+ client->errorValue = pTrigger->wait_value >> 32;
+ return BadValue;
+ }
+ }
+ }
+
if (changes & XSyncCATestType) {
if (pSync && SYNC_FENCE == pSync->type) {
@@ -379,24 +397,6 @@ SyncInitTrigger(ClientPtr client, SyncTrigger * pTrigger, XID syncObject,
}
}
- if (changes & (XSyncCAValueType | XSyncCAValue)) {
- if (pTrigger->value_type == XSyncAbsolute)
- pTrigger->test_value = pTrigger->wait_value;
- else { /* relative */
- Bool overflow;
-
- if (pCounter == NULL)
- return BadMatch;
-
- overflow = checked_int64_add(&pTrigger->test_value,
- pCounter->value, pTrigger->wait_value);
- if (overflow) {
- client->errorValue = pTrigger->wait_value >> 32;
- return BadValue;
- }
- }
- }
-
if (changes & XSyncCACounter) {
if (pSync != pTrigger->pSync) { /* new counter for trigger */
SyncDeleteTriggerFromSyncObject(pTrigger);
--
2.48.1

47
U_CVE-2025-26601-0003-sync-Do-not-fail-SyncAddTriggerToSyncObject.patch Normal file
View File

@ -0,0 +1,47 @@
From 4ccaa5134482b6be9c9a7f0b66cd221ef325d082 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Mon, 20 Jan 2025 17:06:07 +0100
Subject: [PATCH xserver 3/4] sync: Do not fail SyncAddTriggerToSyncObject()
We do not want to return a failure at the very last step in
SyncInitTrigger() after having all changes applied.
SyncAddTriggerToSyncObject() must not fail on memory allocation, if the
allocation of the SyncTriggerList fails, trigger a FatalError() instead.
Related to CVE-2025-26601, ZDI-CAN-25870
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
---
Xext/sync.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/Xext/sync.c b/Xext/sync.c
index 4eab5a6ac..c36de1a2e 100644
--- a/Xext/sync.c
+++ b/Xext/sync.c
@@ -200,8 +200,8 @@ SyncAddTriggerToSyncObject(SyncTrigger * pTrigger)
return Success;
}
- if (!(pCur = malloc(sizeof(SyncTriggerList))))
- return BadAlloc;
+ /* Failure is not an option, it's succeed or burst! */
+ pCur = XNFalloc(sizeof(SyncTriggerList));
pCur->pTrigger = pTrigger;
pCur->next = pTrigger->pSync->pTriglist;
@@ -409,8 +409,7 @@ SyncInitTrigger(ClientPtr client, SyncTrigger * pTrigger, XID syncObject,
* a new counter on a trigger
*/
if (newSyncObject) {
- if ((rc = SyncAddTriggerToSyncObject(pTrigger)) != Success)
- return rc;
+ SyncAddTriggerToSyncObject(pTrigger);
}
else if (pCounter && IsSystemCounter(pCounter)) {
SyncComputeBracketValues(pCounter);
--
2.48.1

128
U_CVE-2025-26601-0004-sync-Apply-changes-last-in-SyncChangeAlarmAttributes.patch Normal file
View File

@ -0,0 +1,128 @@
From f0984082067f79b45383fa1eb889c6a901667331 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Mon, 20 Jan 2025 17:10:31 +0100
Subject: [PATCH xserver 4/4] sync: Apply changes last in
SyncChangeAlarmAttributes()
SyncChangeAlarmAttributes() would apply the various changes while
checking for errors.
If one of the changes triggers an error, the changes for the trigger,
counter or delta value would remain, possibly leading to inconsistent
changes.
Postpone the actual changes until we're sure nothing else can go wrong.
Related to CVE-2025-26601, ZDI-CAN-25870
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
---
Xext/sync.c | 42 +++++++++++++++++++++++++++---------------
1 file changed, 27 insertions(+), 15 deletions(-)
diff --git a/Xext/sync.c b/Xext/sync.c
index c36de1a2e..e282e6657 100644
--- a/Xext/sync.c
+++ b/Xext/sync.c
@@ -800,8 +800,14 @@ SyncChangeAlarmAttributes(ClientPtr client, SyncAlarm * pAlarm, Mask mask,
int status;
XSyncCounter counter;
Mask origmask = mask;
+ SyncTrigger trigger;
+ Bool select_events_changed = FALSE;
+ Bool select_events_value;
+ int64_t delta;
- counter = pAlarm->trigger.pSync ? pAlarm->trigger.pSync->id : None;
+ trigger = pAlarm->trigger;
+ delta = pAlarm->delta;
+ counter = trigger.pSync ? trigger.pSync->id : None;
while (mask) {
int index2 = lowbit(mask);
@@ -817,24 +823,24 @@ SyncChangeAlarmAttributes(ClientPtr client, SyncAlarm * pAlarm, Mask mask,
case XSyncCAValueType:
mask &= ~XSyncCAValueType;
/* sanity check in SyncInitTrigger */
- pAlarm->trigger.value_type = *values++;
+ trigger.value_type = *values++;
break;
case XSyncCAValue:
mask &= ~XSyncCAValue;
- pAlarm->trigger.wait_value = ((int64_t)values[0] << 32) | values[1];
+ trigger.wait_value = ((int64_t)values[0] << 32) | values[1];
values += 2;
break;
case XSyncCATestType:
mask &= ~XSyncCATestType;
/* sanity check in SyncInitTrigger */
- pAlarm->trigger.test_type = *values++;
+ trigger.test_type = *values++;
break;
case XSyncCADelta:
mask &= ~XSyncCADelta;
- pAlarm->delta = ((int64_t)values[0] << 32) | values[1];
+ delta = ((int64_t)values[0] << 32) | values[1];
values += 2;
break;
@@ -844,10 +850,8 @@ SyncChangeAlarmAttributes(ClientPtr client, SyncAlarm * pAlarm, Mask mask,
client->errorValue = *values;
return BadValue;
}
- status = SyncEventSelectForAlarm(pAlarm, client,
- (Bool) (*values++));
- if (status != Success)
- return status;
+ select_events_value = (Bool) (*values++);
+ select_events_changed = TRUE;
break;
default:
@@ -856,25 +860,33 @@ SyncChangeAlarmAttributes(ClientPtr client, SyncAlarm * pAlarm, Mask mask,
}
}
+ if (select_events_changed) {
+ status = SyncEventSelectForAlarm(pAlarm, client, select_events_value);
+ if (status != Success)
+ return status;
+ }
+
/* "If the test-type is PositiveComparison or PositiveTransition
* and delta is less than zero, or if the test-type is
* NegativeComparison or NegativeTransition and delta is
* greater than zero, a Match error is generated."
*/
if (origmask & (XSyncCADelta | XSyncCATestType)) {
- if ((((pAlarm->trigger.test_type == XSyncPositiveComparison) ||
- (pAlarm->trigger.test_type == XSyncPositiveTransition))
- && pAlarm->delta < 0)
+ if ((((trigger.test_type == XSyncPositiveComparison) ||
+ (trigger.test_type == XSyncPositiveTransition))
+ && delta < 0)
||
- (((pAlarm->trigger.test_type == XSyncNegativeComparison) ||
- (pAlarm->trigger.test_type == XSyncNegativeTransition))
- && pAlarm->delta > 0)
+ (((trigger.test_type == XSyncNegativeComparison) ||
+ (trigger.test_type == XSyncNegativeTransition))
+ && delta > 0)
) {
return BadMatch;
}
}
/* postpone this until now, when we're sure nothing else can go wrong */
+ pAlarm->delta = delta;
+ pAlarm->trigger = trigger;
if ((status = SyncInitTrigger(client, &pAlarm->trigger, counter, RTCounter,
origmask & XSyncCAAllTrigger)) != Success)
return status;
--
2.48.1

3
xwayland-24.1.0.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:bef21c4f18807a4ed571c4e2df60ab63b5466bbd502ecceb2485b892ab76dcc2
size 1301180

BIN
xwayland-24.1.0.tar.xz.sig Normal file
View File

Binary file not shown.

3
xwayland-24.1.1.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7125bee0b10335805d7f5ba57dfaa359a7850af1a68524f1d97b362741a51832
size 1301652

BIN
xwayland-24.1.1.tar.xz.sig Normal file
View File

Binary file not shown.

3
xwayland-24.1.3.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:dcdb57a66cc9b124c8f936760592628ac4e744a7d7b3179aa86189ad7ea4cb10
size 1302164

BIN
xwayland-24.1.3.tar.xz.sig Normal file
View File

Binary file not shown.

BIN
xwayland-24.1.4.tar.xz (Stored with Git LFS) Normal file
View File

Binary file not shown.

BIN
xwayland-24.1.4.tar.xz.sig Normal file
View File

Binary file not shown.

3
xwayland-24.1.5.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:cb4bd170e6fa6b545ba0567be8f693d2eeccfc62d04c67037dd14f06daad361d
size 1302484

BIN
xwayland-24.1.5.tar.xz.sig Normal file
View File

Binary file not shown.

3
xwayland-24.1.6.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:737e612ca36bbdf415a911644eb7592cf9389846847b47fa46dc705bd754d2d7
size 1302600

BIN
xwayland-24.1.6.tar.xz.sig Normal file
View File

Binary file not shown.

754
xwayland.changes Normal file
View File

@ -0,0 +1,754 @@
-------------------------------------------------------------------
Tue Feb 25 22:20:48 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 24.1.6:
* This release contains the fixes for the issues reported in
today's security advisory: https://lists.x.org/archives/xorg-announce/2025-February/003584.html
CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597,
CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601.
* Additionally, it reverts a recent Xkb change to fix an issue
with gamescope.
- Drop patches fixed upstream:
* U_CVE-2025-26594-0001-Cursor-Refuse-to-free-the-root-cursor.patch
* U_CVE-2025-26594-0002-dix-keep-a-ref-to-the-rootCursor.patch
* U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch
* U_CVE-2025-26596-0001-xkb-Fix-computation-of-XkbSizeKeySyms.patch
* U_CVE-2025-26597-0001-xkb-Fix-buffer-overflow-in-XkbChangeTypesOfKey.patch
* U_CVE-2025-26598-0001-Xi-Fix-barrier-device-search.patch
* U_CVE-2025-26599-0001-composite-Handle-failure-to-redirect-in-compRedirect.patch
* U_CVE-2025-26599-0002-composite-initialize-border-clip-even-when-pixmap-al.patch
* U_CVE-2025-26600-0001-dix-Dequeue-pending-events-on-frozen-device-on-remov.patch
* U_CVE-2025-26601-0001-sync-Do-not-let-sync-objects-uninitialized.patch
* U_CVE-2025-26601-0002-sync-Check-values-before-applying-changes.patch
* U_CVE-2025-26601-0003-sync-Do-not-fail-SyncAddTriggerToSyncObject.patch
* U_CVE-2025-26601-0004-sync-Apply-changes-last-in-SyncChangeAlarmAttributes.patch
-------------------------------------------------------------------
Tue Feb 25 18:08:33 UTC 2025 - Stefan Dirsch <sndirsch@suse.com>
- U_CVE-2025-26594-0001-Cursor-Refuse-to-free-the-root-cursor.patch
U_CVE-2025-26594-0002-dix-keep-a-ref-to-the-rootCursor.patch
* Use-after-free of the root cursor (CVE-2025-26594, bsc#1237427)
- U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch
* Buffer overflow in XkbVModMaskText() (CVE-2025-26595, bsc#1237429)
- U_CVE-2025-26596-0001-xkb-Fix-computation-of-XkbSizeKeySyms.patch
* Heap overflow in XkbWriteKeySyms() (CVE-2025-26596, bsc#1237430)
- U_CVE-2025-26597-0001-xkb-Fix-buffer-overflow-in-XkbChangeTypesOfKey.patch
* Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597, bsc#1237431)
- U_CVE-2025-26598-0001-Xi-Fix-barrier-device-search.patch
* Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598, bsc#1237432)
- U_CVE-2025-26599-0001-composite-Handle-failure-to-redirect-in-compRedirect.patch
U_CVE-2025-26599-0002-composite-initialize-border-clip-even-when-pixmap-al.patch
* Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599, bsc#1237433)
- U_CVE-2025-26600-0001-dix-Dequeue-pending-events-on-frozen-device-on-remov.patch
* Use-after-free in PlayReleasedEvents() (CVE-2025-26600, bsc#1237434)
- U_CVE-2025-26601-0001-sync-Do-not-let-sync-objects-uninitialized.patch
U_CVE-2025-26601-0002-sync-Check-values-before-applying-changes.patch
U_CVE-2025-26601-0003-sync-Do-not-fail-SyncAddTriggerToSyncObject.patch
U_CVE-2025-26601-0004-sync-Apply-changes-last-in-SyncChangeAlarmAttributes.patch
* Use-after-free in SyncInitTrigger() (CVE-2025-26601, bsc#1237435)
-------------------------------------------------------------------
Thu Feb 6 11:54:10 UTC 2025 - Stefan Dirsch <sndirsch@suse.com>
- Update to 24.1.5
* os: NextDPMSTimeout: mark intentional fallthroughs in switch
* Xi: avoid NULL pointer dereference if GetXTestDevice returns NULL
* render: avoid NULL pointer dereference if PictureFindVisual returns NULL
* dix: fix button offset when generating DeviceButtonStateNotify events
* dix: limit checks to MAX_VALUATORS when generating Xi events
* dix-config.h: add HAVE_SOCKLEN_T definition
* xwayland: copy repeat settings from the compositor map
* xwayland: Don't run key behaviors and actions
* xwayland/glamor/gbm: Don't close fence_fd after xwl_glamor_wait_fence
* xwayland/present: Check allow_commits in xwl_present_flip
* xwayland/glamor: Drop expecting_event bailing from xwl_drm_handle_device
* xwayland: Always decrement expecting_event in xwl_output_create
* xwayland/glamor: Clean-up GBM's screen private on failure
* xwayland: Do not keep the cursor's pixmap around
* xkb: Always use MAP_LENGTH keymap size
* os/connection: Make sure partial is initialized
* xwayland/glamor: Disable GLAMOR after GBM cleanup
* glamor: return the result of gbm_format_for_depth
* glamor: use gbm_format_for_depth instead of open-coding it
* glamor: reject configs using unsupported rgbBits size
* xwayland: prevent potential null pointer dereference
-------------------------------------------------------------------
Tue Oct 29 19:29:21 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- Security update 24.1.4
This release addresses the following security issue
* CVE-2024-9632: Heap-based buffer overflow privilege escalation
in _XkbSetCompatMap (bsc#1231565)
-------------------------------------------------------------------
Thu Oct 3 21:35:10 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- Update to bugfix release 24.1.3
* dix: check for calloc() failure in Xi event conversion routines
* dix: PolyText: fully initialize local_closure
* dix: SetFontPath: don't set errorValue on Success
* dix: enterleave.c: fix implicit fallthrough warnings
* dix: CreateScratchGC: avoid dereference of pointer we just set to NULL
* dix: InitPredictableAccelerationScheme: avoid memory leak on failure
* dix: dixChangeWindowProperty: don't call memcpy if malloc failed
* dix: ProcListProperties: skip unneeded work if numProps is 0
* dix: HashResourceID: use unsigned integers for bit shifting
* dix: GetPairedDevice: check if GetMaster returned NULL
* dix: FindBestPixel: fix implicit fallthrough warning
* CI: clone libdecor from fd.o instead of gnome.org
* CI: update libdecor from 0.1.0 to 0.1.1
* Don't crash if the client argv or argv[0] is NULL.
* Return NULL in *cmdname if the client argv or argv[0] is NULL
* xwayland: connect to the wl display before calling into EGL
* xwayland: Report correct mode size when rootful
* build: Move epoll dependency check
* build: Add epoll to Xwayland for DragonFly and OpenBSD
* build: Fix DRI3 on DragonFly and OpenBSD
* os: Fix NULL pointer dereference
* dix: don't push the XKB state to a non-existing master keyboard
* Xi: when removing a master search for a disabled paired device
-------------------------------------------------------------------
Tue Sep 24 11:24:48 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- added conflicts to patterns-wsl-tmpfiles as this patterns package
creates a symlink from /tmp/.X11-unix to /mnt/wslg/.X11-unix and
therefore prevents Xwayland from creating this needed directory
(bsc#1230755)
-------------------------------------------------------------------
Sat Aug 24 20:14:05 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- Update to bugfix release 24.1.2
* This release addresses several issues, including the first
events being skipped with input emulation using libEI or a fix
with rendering using the UYVY format with the X-Video extension
using GLAMOR.
-------------------------------------------------------------------
Thu Jul 11 13:46:12 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- added version specific requirements for dri3proto, presentproto
and wayland-protocols
-------------------------------------------------------------------
Thu Jul 11 13:17:54 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- This supersedes the following patches
* U_CVE-2024-31080-Xi-ProcXIGetSelectedEvents-needs-to-use-unswapped-le.patch
* U_CVE-2024-31081-Xi-ProcXIPassiveGrabDevice-needs-to-use-unswapped-le.patch
* U_CVE-2024-31083-render-fix-refcounting-of-glyphs-during-ProcRenderAd.patch
* U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch
which fixed security issues
* CVE-2024-31080 (bsc#1222309)
* CVE-2024-31081 (bsc#1222310)
* CVE-2024-31083 (bsc#1222312)
and a regression due to a security fix for CVE-2024-31083 (bsc#1222312,
boo#1222442, gitlab xserver issue #1659)
-------------------------------------------------------------------
Thu Jul 11 11:43:22 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- Update to bugfix release 24.1.1 for the current stable 24.1
branch of Xwayland
* xwayland: fix segment fault in `xwl_glamor_gbm_init_main_dev`
* os: Explicitly include X11/Xmd.h for CARD32 definition to fix
building on i686
* present: On *BSD, epoll-shim is needed to emulate eventfd()
* xwayland: Stop on first unmapped child
* xwayland/window-buffers: Promote xwl_window_buffer
* xwayland/window-buffers: Add xwl_window_buffer_release()
* xwayland/glamor/gbm: Copy explicit sync code to GLAMOR/GBM
* xwayland/window-buffers: Use synchronization from GLAMOR/GBM
* xwayland/window-buffers: Do not always set syncpnts
* xwayland/window-buffers: Move code to submit pixmaps
* xwayland/window-buffers: Set syncpnts for all pixmaps
* xwayland: Move xwl_window disposal to its own function
* xwayland: Make sure we do not leak xwl_window on destroy
* wayland/window-buffers: Move buffer disposal to its own function
* xwayland/window-buffers: optionally force disposal
* wayland: Force disposal of windows buffers for root on destroy
* xwayland: Check for pointer in xwl_seat_leave_ptr()
* xwayland: remove includedir from pkgconfig
-------------------------------------------------------------------
Wed Jun 5 11:27:13 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- disable DPMS on sle15 due to missing proto package
-------------------------------------------------------------------
Wed May 15 17:19:45 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- Update to feature release 24.1.0
* This fixes a couple of regressions introduced in the previous release
candidate versions along with a fix for XTEST emulation with EI.
+ xwayland: Send ei_device_frame on device_scroll_discrete
+ xwayland: Restore the ResizeWindow handler
+ xwayland: Handle rootful resize in ResizeWindow
+ xwayland: Move XRandR emulation to the ResizeWindow hook
+ xwayland: Use correct xwl_window lookup function in xwl_set_shape
- eglstreams has been dropped
-------------------------------------------------------------------
Wed May 15 17:14:44 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- Update to bug fix relesae 23.2.7
* m4: drop autoconf leftovers
* xwayland: Send ei_device_frame on device_scroll_discrete
* xwayland: Call drmFreeDevice for dma-buf default feedback
* xwayland: Use drmDevicesEqual in xwl_dmabuf_feedback_tranche_done
* dri3: Free formats in cache_formats_and_modifiers
* xwayland/glamor: Handle depth 15 in gbm_format_for_depth
* Revert "xwayland/glamor: Avoid implicit redirection with depth 32 parent windows"
* xwayland: Check for outputs before lease devices
* xwayland: Do not remove output on withdraw if leased
-------------------------------------------------------------------
Tue Apr 9 13:30:07 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- Update to 23.2.6
* This is a quick bug fix release to address a regression
introduced by the fix for CVE-2024-31083 in xwayland-23.2.5.
-------------------------------------------------------------------
Thu Apr 4 08:07:32 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- Security update 23.2.5
This release contains the 3 security fixes that actually apply to
Xwayland reported in the security advisory of April 3rd 2024
* CVE-2024-31080
* CVE-2024-31081
* CVE-2024-31083
Additionally, it also contains a couple of other fixes, a copy/paste
error in the DeviceStateNotify event and a fix to enable buttons with
pointer gestures for backward compatibility with legacy X11 clients.
-------------------------------------------------------------------
Thu Feb 15 17:13:03 UTC 2024 - Joan Torres <joan.torres@suse.com>
- Don't provide xorg-x11-server-source
* xwayland sources are not meant for a generic server.
* https://github.com/TigerVNC/tigervnc/issues/1728
-------------------------------------------------------------------
Thu Feb 15 10:41:13 UTC 2024 - Joan Torres <joan.torres@suse.com>
- Provide xorg-x11-server-source from xwayland
* xwayland will be more updated than xorg-x11-server, so the server sources
will be more updated too if are provided by xwayland.
* Fixes bsc#1219892.
-------------------------------------------------------------------
Wed Jan 17 10:20:50 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- This release contains also the following patches mentioned in
previous sle15 releases
* bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch
* bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch
* bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch
* bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch
* bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch
* bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch
* bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch
-------------------------------------------------------------------
Tue Jan 16 21:03:25 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- This release contains also the missing fixes of initial
U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
(bsc#1217765)
-------------------------------------------------------------------
Tue Jan 16 13:03:16 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 23.2.4
* This release contains fixes for the issues reported in today's
security advisory:
https://lists.x.org/archives/xorg/2024-January/061525.html
* CVE-2023-6816 (bsc#1218582)
* CVE-2024-0229 (bsc#1218583)
* CVE-2024-21885 (bsc#1218584)
* CVE-2024-21886 (bsc#1218585)
* CVE-2024-0408
* CVE-2024-0409
- supersedes the patches mentioned below:
* U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
* U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
-------------------------------------------------------------------
Mon Dec 4 18:33:56 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
- U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
* Out-of-bounds memory write in XKB button actions (CVE-2023-6377,
ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765)
- U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
* Out-of-bounds memory read in RRChangeOutputProperty and
RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561,
bsc#1217766)
-------------------------------------------------------------------
Fri Nov 24 10:29:56 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
- This release contains the following patches mentioned in previous
sle15 releases
* U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch:
fixes regression introduced with security update for
CVE-2022-46340 (bsc#1205874)
* U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch:
fix handling of PropModeAppend/Prepend ((CVE-2023-5367, ZDI-CAN-22153,
bsc#1216135)
* U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch,
U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch:
Server Damage Object Use-After-Free Local Privilege Escalation
Vulnerability (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261)
* U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch:
fixes a regresion, which can trigger a segfault in Xwayland on
exit, introduced by
U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
(CVE-2023-5574, ZDI-CAN-21213, bsc#1216261)
-------------------------------------------------------------------
Wed Oct 25 10:39:17 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 23.2.2
* This release contains the fix for CVE-2023-5367 and CVE-2023-5574
in today's security advisory:
https://lists.x.org/archives/xorg-announce/2023-October/003430.html
Xwayland does not support multiple protocol screens (Zaphod) and is thus
not affected by CVE-2023-5380.
* Additionally, there is a change in the default behaviour of Xwayland:
Since version 23.2.0 Xwayland (via liboeffis) automatically tries to
connect to the XDG Desktop Portal's RemoteDesktop interface to obtain
the EI socket. That socket is used to send XTest events to the
compositor.
* However, the connection to the session-wide Portal is unsuitable when
Xwayland is running in a nested compositor. Xwayland cannot tell whether
it's running on a nested compositor and to keep backwards compatibility
with Xwayland prior to 23.2.0, Xwayland must now be started with
"-enable-ei-portal" to connect to the portal.
* Compositors (who typically spawn Xwayland rootless) must now pass this
option to get the same behaviour as 23.2.x.
* Finally, Xwayland now uses libbsd-overlay instead of libbsd.
-------------------------------------------------------------------
Wed Sep 20 08:53:56 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 23.2.1:
* glamor: Ignore destination alpha as necessary for composite operation
* xtest: Check whether there is a sendEventsProc to call
- supersedes xwayland-glamor-Ignore-destination-alpha-as-necessary-for-com.patch
-------------------------------------------------------------------
Mon Sep 18 15:22:57 UTC 2023 - Joan Torres <joan.torres@suse.com>
- xwayland-glamor-Ignore-destination-alpha-as-necessary-for-com.patch
* Fix when vncviewer fades to white on xwayland (bsc#1215385,
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1154)
------------------------------------------------------------------
Sat Aug 26 04:14:45 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
- enable libei and libdecor only for TW, since it does not exist
yet on sle15-sp5
-------------------------------------------------------------------
Thu Aug 17 08:39:53 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 23.2.0:
* Optional support for emulated input (EI) via the libei library,
support for the tearing control protocol, and the XWayland
rootful mode is now resizable with libdecor.
- Add pkgconfig(libei-1.0) BuildRequires, build new optional
emulated input support.
- Add pkgconfig(libdecor-0) BuildRequires, build optional CSD
support.
-------------------------------------------------------------------
Sat Jun 10 11:23:26 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 23.1.2
* This release includes improved DMA-BUF v4 feedback support for
direct scanout, relaxed CVT modes for non-standard modes, fixes
for the CHERI/Morello platform and other various fixes.
-------------------------------------------------------------------
Sat Apr 1 11:35:04 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 23.1.1 (CVE-2023-1393):
+ This release contains the fix for CVE-2023-1393.
+ xkbUtils: use existing symbol names instead of deleted
deprecated ones
+ glamor: Don't glFlush/ctx switch unless any work has been
performed
+ xwayland:
- Refactor xwl_present_for_each_frame_callback helper
- Prevent nested xwl_present_for_each_frame_callback calls
+ composite: Fix use-after-free of the COW
- Drop U_xserver-composite-Fix-use-after-free-of-the-COW.patch:
Fixed upstream.
-------------------------------------------------------------------
Thu Mar 23 12:32:18 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
- U_xserver-composite-Fix-use-after-free-of-the-COW.patch
* overlay window use-after-free (CVE-2023-1393, ZDI-CAN-19866,
bsc#1209543)
-------------------------------------------------------------------
Wed Mar 22 17:57:02 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 23.1.0:
* test: Use either wayland-info or weston-info.
- Changes from version 23.1.0.rc2:
* A regression with keymaps which were not applied anymore.
* Various regressions with DRM format modifiers.
- Changes from version 23.1.0.rc1:
* Support for linux_dmabuf v4 protocol.
* Support for wl_pointer.axis_v120 (high-resolution scrolling).
* Support for xwayland_shell protocol.
* Improved "rootful" mode for using Xwayland as a nested Xserver.
* Improved emulated XRandR support exposing the output names.
* Support for byte-swapped clients is now disabled by default.
-------------------------------------------------------------------
Tue Feb 7 14:29:21 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 22.1.8
* This release contains the fix for CVE-2023-0494 in today's
security advisory:
https://lists.x.org/archives/xorg-announce/2023-February/003320.html
* It also fixes a second possible OOB access during EnqueueEvent.
- supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch
-------------------------------------------------------------------
Thu Feb 2 15:39:06 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
- improved summary and description
- added requires to xkeyboard-config
- added recommends to xorg-x11-fonts-core
- removed unused 'package' section
-------------------------------------------------------------------
Wed Feb 1 10:06:15 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
- U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch
* DeepCopyPointerClasses use-after-free (CVE-2023-0494,
ZDI-CAN-19596, bsc#1207783)
-------------------------------------------------------------------
Sat Dec 31 15:51:38 UTC 2022 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 22.1.7
* This release fixes an invalid event type mask in
XTestSwapFakeInput which was inadvertently changed from octal
0177 to hexadecimal 0x177 in the fix for CVE-2022-46340.
-------------------------------------------------------------------
Thu Dec 15 15:15:47 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 22.1.6:
* Fixes CVE-2022-46340, CVE-2022-46341, CVE-2022-46342,
CVE-2022-46343, CVE-2022-46344, CVE-2022-4283.
* Xtest: disallow GenericEvents in XTestSwapFakeInput
* Xi: disallow passive grabs with a detail > 255
* Xext: free the XvRTVideoNotify when turning off from the same
client
* Xext: free the screen saver resource when replacing it
* Xi: return an error from XI property changes if verification
failed
* Xi: avoid integer truncation in length check of
ProcXIChangeProperty
* xkb: reset the radio_groups pointer to NULL after freeing it
- Drop patches fixed upstream:
* U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch
* U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
* U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
* U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
* U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
* U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
* U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
-------------------------------------------------------------------
Tue Dec 6 14:30:52 UTC 2022 - Stefan Dirsch <sndirsch@suse.com>
- U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
* XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283,
bsc#1206017)
-------------------------------------------------------------------
Wed Nov 30 15:02:57 UTC 2022 - Stefan Dirsch <sndirsch@suse.com>
- U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch
* Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265,
CVE-2022-46340, bsc#1205874)
- U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
* Xi: return an error from XI property changes if verification
failed (no ZDI-CAN id, no CVE id, bsc#1205875)
- U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
* Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405,
CVE-2022-46344, bsc#1205876)
- U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
* Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381,
CVE-2022-46341, bsc#1205877)
- U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
* Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404,
CVE-2022-46343, bsc#1205878)
- U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
* Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400,
CVE-2022-46342, bsc#1205879)
-------------------------------------------------------------------
Wed Nov 2 11:27:06 UTC 2022 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 22.1.5
* This is a follow-up release to address a couple of regressions
which found their way into the recent xwayland-22.1.4 release,
namely:
+ Double scroll wheel events with some Wayland compositors
https://gitlab.freedesktop.org/xorg/xserver/-/issues/1392
+ Key keeps repeating when a window is closed while a key is pressed
https://gitlab.freedesktop.org/xorg/xserver/-/issues/1395
- supersedes U_Do-not-ignore-leave-events.patch
-------------------------------------------------------------------
Mon Oct 24 13:50:22 UTC 2022 - Stefan Dirsch <sndirsch@suse.com>
- U_Do-not-ignore-leave-events.patch
* fixes xwayland issue#1397, issue#1395
-------------------------------------------------------------------
Thu Oct 20 11:50:17 UTC 2022 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 22.1.4
* xwayland: Aggregate scroll axis events to fix kinetic scrolling
* Forbid server grabs by non-WM on *rootless* XWayland
* xkb: Avoid length-check failure on empty strings.
* ci: remove redundant slash in libxcvt repository url
* dix: Skip more code in SetRootClip for ROOT_CLIP_INPUT_ONLY
* dix: Fix overzealous caching of ResourceClientBits()
* xwayland: Prevent Xserver grabs with rootless
* xwayland: Delay wl_surface destruction
* build: Bump wayland requirement to 1.18
* xwayland: set tag on our surfaces
* xwayland: Clear the "xwl-window" tag on unrealize
* xwayland: correct the type for the discrete scroll events
* xkb: fix some possible memleaks in XkbGetKbdByName
* xkb: length-check XkbGetKbdByName before accessing the fields
* xkb: length-check XkbListComponents before accessing the fields
* xkb: proof GetCountedString against request length attacks
- supersedes security patches:
* U_xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch
* U_xkb-proof-GetCountedString-against-request-length-at.patch
-------------------------------------------------------------------
Wed Oct 19 11:19:40 UTC 2022 - Stefan Dirsch <sndirsch@suse.com>
- U_xkb-proof-GetCountedString-against-request-length-at.patch
* security update for CVE-2022-3550 (bsc#1204412)
- U_xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch
* security update for CVE-2022-3551 (bsc#1204416)
-------------------------------------------------------------------
Tue Jul 12 14:22:22 UTC 2022 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 22.1.3
* os: print <signal handler called> if unw_is_signal_frame()
* os: print registers in the libunwind version of xorg_backtrace()
* xwayland/present: Do not send two idle notify events for flip pixmaps
* xwayland: Fix check logic in sprite_check_lost_focus()
* xwayland: Change randr_output status when call xwl_output_remove()
* xkb: switch to array index loops to moving pointers
* xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck
* xkb: add request length validation for XkbSetGeometry
-------------------------------------------------------------------
Wed May 25 10:03:50 UTC 2022 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 22.1.2
* randr: Add "RANDR Emulation" property
* xwayland/output: Set the "RANDR Emulation" property
* xwayland: Fix invalid pointer access in drm_lease_device_handle_released.
-------------------------------------------------------------------
Thu Mar 31 09:21:36 UTC 2022 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 22.1.1
* xwayland: Clear timer_armed in xwl_present_unrealize_window
* xwayland: Always hook up frame_callback_list in xwl_present_queue_vblank
* Xwayland: Do not map the COW by default when rootless
* xwayland/present: Fix use-after-free in xwl_unrealize_window()
-------------------------------------------------------------------
Wed Feb 16 15:39:59 UTC 2022 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 22.1.0
* xwayland: Fix cursor color
-------------------------------------------------------------------
Thu Feb 3 04:48:43 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 22.0.99.902
* render: Fix build with gcc 12
-------------------------------------------------------------------
Thu Jan 20 17:59:50 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 22.0.99.901
* DRM lease support
* Enables sRGB fbconfigs in GLX
* Requires libxcvt
* Refactoring of the present code in Xwayland
* Implements support for touchpad gestures
* Support for xfixes's ClientDisconnectMode and optional
terminate delay
- Add pkgconfig(libxcvt) BuildRequires: New dependency.
- Add xwayland.keyring, use url for sources, validate sig.
- Move man pages from devel to main binary package.
- Enable LTO, no longer disable LTO via macro.
-------------------------------------------------------------------
Tue Dec 14 15:44:46 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 21.1.4
* Fixes for multiple input validation failures in X server extensions:
+ CVE-2021-4008/ZDI-CAN-14192 SProcRenderCompositeGlyphs out-of-bounds access (boo#1193030)
+ CVE-2021-4009/ZDI-CAN 14950 SProcXFixesCreatePointerBarrier out-of-bounds access (boo#1190487)
+ CVE-2021-4010/ZDI-CAN-14951 SProcScreenSaverSuspend out-of-bounds access (boo#1190488)
+ CVE-2021-4011/ZDI-CAN-14952 SwapCreateRegister out-of-bounds access (boo#1190489)
* This release also includes other fixes such as:
+ Store EGLcontext to avoid superfluous eglMakeCurrent() calls
+ Prefer EGLStream with NVIDIA proprietary driver if both GBM and EGLstream are available
-------------------------------------------------------------------
Mon Nov 8 11:45:16 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 21.1.3
* Most notable change is a fix for the GBM backend to work with
the Nvidia driver series 495.
- supersedes U_glamor-Fix-handling-of-1-bit-pixmaps.patch
-------------------------------------------------------------------
Thu Oct 7 12:22:22 UTC 2021 - Joan Torres <joan.torres@suse.com>
- Specfile cleanup
-------------------------------------------------------------------
Tue Sep 28 16:22:32 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
- U_glamor-Fix-handling-of-1-bit-pixmaps.patch
* glamor: Fix handling of 1-bit pixmaps; fixes e.g. issues with
gimp on Wayland (which needs Xwayland) (boo#1189310)
-------------------------------------------------------------------
Mon Sep 27 11:56:41 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
- covers jira#SLE/SLE-18653
-------------------------------------------------------------------
Thu Jul 15 18:24:01 UTC 2021 - Macie McKitrick <macie.mckitrick@protonmail.com>
- xwayland pc is required for S390x and S390
-------------------------------------------------------------------
Fri Jul 9 11:19:50 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 21.1.2
* The only change compared to the release candidate is a fix for
a long standing issue where Xwayland wouldn't send events to
notify clients of RandR configuration changes in some cases.
-------------------------------------------------------------------
Thu Jul 1 10:16:22 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 21.1.1.901 (21.1.2 RC1)
* It's a bit special, as most of the changes are not the usual
stable branch fixes material, but are needed for HW accelerated
direct rendering with the Nvidia 470 driver (which is currently
in open beta).
* changes are mostly specific to the EGLStream backend and do not
affect the GBM backend. And they make a big difference for users
of the EGLStream backend.
* See
https://lists.fedoraproject.org/archives/list/desktop@lists.fedoraproject.org/thread/BBZVDNST67I2AQOCPSHKYAY6D5Z66JIP/
for more information about testing the EGLStream changes
- enabled Wayland eglstreams (needs new packages egl-wayland and
eglexternalplatform)
-------------------------------------------------------------------
Tue Apr 13 15:21:03 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
- Update to version 21.1.1
* Fix XChangeFeedbackControl() request underflow (CVE-2021-3472,
ZDI-CAN-1259, bsc#1180128)
-------------------------------------------------------------------
Mon Apr 12 18:01:05 UTC 2021 - Tobias Klausmann <tobias.klausmann@freenet.de>
- Additionally to not packing /usr/lib64/xorg/protocol.txt, delete it to fix
the build
-------------------------------------------------------------------
Mon Apr 12 10:48:11 UTC 2021 - Callum Farmer <gmbr3@opensuse.org>
- Make vendor name the same as xorg-x11-server
-------------------------------------------------------------------
Mon Apr 12 09:22:12 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
- removed conflicting /usr/lib64/xorg/protocol.txt (already in
xorg-x11-server package)
-------------------------------------------------------------------
Wed Apr 7 08:55:57 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
- added summary for -devel package
- some cleanup
-------------------------------------------------------------------
Wed Mar 17 21:20:29 UTC 2021 - Tobias Klausmann <tobias.klausmann@freenet.de>
- Update to version 21.1.0:
* meson: Make sure XKM_OUTPUT_DIR has a trailing slash
* xwayland: Fix LeaveNotify for relative pointer
- Highlights compared to xserver 1.20.10:
* Xwayland's XVideo support (via glamor) now supports NV12
* glamor can now accelerate some more RENDER extension formats
* Xwayland's GLX provider now uses the EGL implementation instead of Mesa's
swrast_dri.so directly
* Xwayland can now use the wp_viewport Wayland protocol for up-scaling of
fullscreen applications setting lower resolutions via the RandR /
XFree86-VidModeExtension extensions
* Xwayland now alternates between multiple buffers for all Wayland surfaces,
making it less of a special case compared to other Wayland clients
* Xwayland can now use memfd_create for creating buffers shared with the
Wayland compositor when glamor hardware acceleration is disabled
* Xwayland has better support for clients using relative mouse input and
keyboard grabs
* An Xwayland.1 manpage is now installed
* Xwayland now supports -listenfd, -version and -verbose command line options
* Xwayland now installs an xwayland.pc file which helps discovering the path
of the installed Xwayland binary and the features it supports
* Only meson is supported for building
* Only Xwayland and Xvfb can be built, only Xwayland can be installed
-------------------------------------------------------------------
Thu Mar 4 09:49:25 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
- update to 21.0.99.902
* second release candidate for the standalone Xwayland 21.1.0 release
* meson.build: Keep the protocol version looking like xserver 1.20.x did
* xwayland: Delay cursor visibility update
-------------------------------------------------------------------
Fri Feb 26 10:25:41 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
- added Buildrequires to pkgconfig(glproto) and pkgconfig(gl) to
fix build on Leap
-------------------------------------------------------------------
Fri Feb 19 13:22:04 UTC 2021 - Tobias Klausmann <tobias.klausmann@freenet.de>
- Initial stand-alone Xwayland package version 21.0.99.901 (boo#1182677)

204
xwayland.keyring Normal file
View File

@ -0,0 +1,204 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQGiBEab+moRBACDH5yKqS3wcc5bdxY7PBNuwKvF5TKMfagmSvuRDtZjjIIWaA/n
Z1KboV9Gq5g7kP7+Kfu+Qgd8u65eVsWwmPW10fXvj3aCU53glx2EdGdrHcgiyH2g
EQfPiyBw+trIppWFRV0IDXSLMA1FNC92t2nSG/VFHaPTVwcgkIRSfcXDvwCglGdE
a6f4uLqoNHP+m4yYnzapFuMD/R4+2AJDAvEWKDdYCGZzlawjAmmWyXrmT7/C/mx9
8qUR473l4buXjHgDkkXXlHqdzil1vK85PhrKzNJDCCmlHUJNz+QwiAMOLwpD+kwV
Pb57RG7y+a5JQ5+jtVw4RlUxZIk/wj2An9YBO3A5vR7PdjM32ZJCN2+aM4dYfNzQ
xQKTA/47icvBaBVTl9rztjg2pd2Aqpc1P/GsIYLGj7XjnnJvGAENBHSH1QjpZMJG
CTS9oJ+B0/wrIr+pA+MdFgYAb6ojMQJOO6UChjWWSGjMFcs/CeXhxlLBido3DtAE
TbNTwO6OEfAvdosvTdhJFnwvZlJ+zZGGy5CrF2Fd9PUe9tmASbQoQWxhbiBDb29w
ZXJzbWl0aCA8YWxhbmNAZnJlZWRlc2t0b3Aub3JnPohiBBMRAgAiBQJPZ87eAhsD
BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCi+54IHy0TDmYGAJ0TBfcvF8FT
J7K00QUWb1W/6BcoaACfUWshKQ/r565KDCAa+KpqYB9W4zqIaAQTEQIAKAIbAwYL
CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlF50WIFCRRD2HgACgkQovueCB8tEw6J
8QCgj3AIFzaI7ro1IOVqour9EQRVUlIAoIKtUrFRHavTQ1r175HhsjWgYr0itCtB
bGFuIENvb3BlcnNtaXRoIDxhbGFuLmNvb3BlcnNtaXRoQHN1bi5jb20+iGAEExEC
ACAFAkab+moCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRCi+54IHy0TDvaZ
AJ9vEM9IPD/YHXSL9F+CkoT9pX8IFwCgjQ5xtceXkbTGVZdOicZ222mV9MmIZgQT
EQIAJgIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheABQJRedFiBQkUQ9h4AAoJEKL7
nggfLRMO6sUAn0jl3h9rY4OJ13Lu7nsKclyhDpOqAKCFgTmaDGRuDRxloLg9jftr
n7a7vrQuQWxhbiBDb29wZXJzbWl0aCA8YWxhbi5jb29wZXJzbWl0aEBvcmFjbGUu
Y29tPohlBBMRAgAlAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCT2fPgQIZ
AQAKCRCi+54IHy0TDrxZAJ4ucO4mWDBUEnPni/KikswECcSSQgCeM0sYiNPOo7o6
I20jWb+MpeVttA2IawQTEQIAKwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AC
GQEFAlF50WIFCRRD2HgACgkQovueCB8tEw7QWQCfSIFVTaBSD0Y07DY3EhWi857g
0SYAnAv1oFd9diK8UkPD0QMhIKM0gfSnuQINBEab+m8QCACaeWlJYaOa1IaUuopO
7KbAEBT0bsnDyjDbtCeBdL/zqD89PObKFfMrS4+B6ghpNmWpodY0oJYmcLpPZu1e
1oMcfpwSWsKVg1/3iizmxK3w8EOHXzhb421y0DJjZ0DWlBiFizz95fBrgThzKutA
bvkz4Ietu71J7S+UREBEKk1yM1gulNdELA25S8CL3TlUnRhecZfzdZsl80ir67Gc
FraBXPBvb/YXAo4bTdbJvW+zo3OdYmV73HrXLz8uUQOgFFt8hBMWnnVHS57yBfbI
xWCHyVhVWIdgIGr5xq3unxfjVdr9838d8EU+x/f/5uGCA2CZoGYMkHHF3oE8HxgS
Kt6LAAMGB/9RYjFDDBEuSJc9pw6iHfgwlhAgFOsILyBUXF62VsQ8Qfma55kwl6AA
9MXnaXzpER6fF01XP/TFPsEPpWUcdjkOjCVtFxrhbx5veCmRf/B81gNgIe1OJ9Pt
7C6ZOs1nHmats2TRdMlU48A/fPsTStUPbD/GjinbYPMjB94YrCkeq3Vvpn1+atEP
BqJdoWbBR/6siIZz84Vw5J7jofBOYjJM63o1V1BJ/vmM49t14z+fUjmy851ZMsSP
pASPar1RD3xQQ8m4x1qi3IEXAqVwM44sxIvv3d9Yg2thKyR1eEeNqG3nBaoj56A7
Yl9yIj+8/X5sTOGlj2WUar6vtYbecJJ/iEkEGBECAAkFAkab+m8CGwwACgkQovue
CB8tEw6C6ACgh2EacP138hLp8NWC/7jGc5e/KiEAnRVXFzW6g/N6lYVuC8u4cgy/
KNGiuQINBFF51SEBEACh6YzpmNOep9LbGaFvauXoLDHJebSgvLopq4TtOZ56vuf+
tP2HnQvvlfXPW/9/1+ztvC8gZALQYA9MSWUg0NA4U8ygKegM40LQbyOvLopxsMUo
0/qEKTzMaoQNSNJM6BAwnRKlfh7FTgBHWwIv7T/W23Uw88FXPDFg64mpgVKnOd0W
9NDH38veN+VIE0uIAITMADYcul2ZjjAYSEzs8RSVBA0wybS2xNG9Yz0UEuzR0IGp
NYp5rrzzHN8ALqBHEgkrdcbqW2LAaFzoyucAv3hNSyHWaEcltjpE9eNA6g2fM30S
A/OtIZ4q52IG9PUzzbY/d6bnVAFLek/frXCzeP68YcRzsLHuuihhzuG0Na2epn3K
OkmHfVetHC+oQtnjHnMsWZYjLte5Y+xF/JcVB/qJiIB3OxxqMlEelflgetHMVo+b
9Oc3Xi3mdmiwXDxYcZXwxEpvH+Hs3SUg0tUGZgtD+Yd0SX4YX5nQa/JB86+9ddQ9
fzu9QL9VVeRcifWMVEsaeCD7syuyW24FR3AOj716w81lLJZmYDwA6Sh+IU5hvzXQ
qoRF3Ln72OrOcjZLAfF90Xjb7kksnxp0c95L7citF8wuykV9j6riyOgPCiaax8GR
qhAdTQxvG9ommJ4ITo8nyGBFUBd5xn2gcL+JawjxKGUlGivH/zUGYzVPDUMk5wAR
AQABiQJtBBgRCgAPBQJRedUhAhsCBQkJZgGAAikJEKL7nggfLRMOwV0gBBkBCgAG
BQJRedUhAAoJEM/fFIgoxkKn1uYP/3TnSR7dt3HTMs+VQA2hO7vi9BPnl/RrRxeC
euPXl7LoufRLWx4dp13RoXeUqkPBQ4vRghCmkOEt9Z/2ASxAQpI+0dCDIpFtqO/P
ycQ6LwfPmi+tOoYJmnzVcdWiLISIJa5fF5bt7I3gLxuPFumI3S9pn6yAx4yFcDmb
DIoWzib0k+kN7qR3Z5ow7TORwkJiOTRFw1mI+iGboSZ56w1sDbMmFeCj6FAcQHKi
MgnmW1bLLllpxz11/FWr1avfL6Vcp3xsxmKSWw49fQv7rTIyhiOXXL21WrnAO1/6
JLca8UukgQ4biGgBPeGR5W8an8h3xEyPy2tmfwCwwLWHYSUdoEpEx8ikltUKmJbp
Unwf/5Z52uOJpk7kTjWwzYG9BRkr7bATGfNIhw6j4FH0utJMQnxa7Ehn0xVPl+EA
M6U7VCRHK/ieB1Cw3jH8DoIIVX5isRV1n7nfMQ2gl7ssC07VYDAmaeD+zAMriZWs
bBU7vnNVZcveIK5OFDLQCyzKgl0qLAOPdIC00nYNx0sMbdkPyyXcuNu2SDL4xlyK
7p7PFPzpi/XVYFrt2yR7C+vEpMfE7Ot6kzfUFzPzwfvFcDmguzyfoOreNA5Xjpnb
EvHDd9cn+SgfK7C+Lp+LtcqzCX6Z0m5TzLucCYt5I6APg3eWRasfZ04uMAY31WBg
j7JXqufSvJEAmMdQp5WXKut9CE8vXQf2hwkK8toAmwcGdkbH/ZK9OUvLi4ZcFt70
Ur0b
=xH1V
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQGiBD8b0wYRBACph9kRJmP+4+JGsCgFlFoy4vFO0DCG+jmkQN0n1wdInt/N/UtA
sZToO72AUmfmYizA+IEbzBrx0UnUo3w3BDmHxUWf/akZiPUz9AA/YFY4xC3MY2OK
VN2Jz6YSce4zJ5jd2ZRobHm4HuIf/8yqSCcsv7FNfrLaTNIFRs5gYYsqZwCgwmkp
RSLRc8WAnHrTWNQDaEFM2rUEAKTjrTjMN8+KGd0BxNX7HiTSqQP++nXNwAYs1oWB
Yt82YHj9SvRCqCzD1pzJQivYnlNoWDza1VeMnfdAvkdia8z4lYbO/RunXZJvra3Z
VDm+izq+uwUAyvFuEYnNz09VSqwXKT6+XW0Xtz2vHq52r6DS6mK8cGJHZ5OhrRjq
UEYxA/9STh+QfA98xtNoRcf52E/46r7IpCj440oRVc9lMfxQZrLGQNqp7sPdIhGQ
CCo2NUII5hkhdAG71kpbfSXU4Sh32p1cU1KYCAkDFfb49bKuAs+Pff8v6FGZxTdd
AinPZr4BbsYJatk818aTCnu0+s7L8jL5GPfeyuyEMKwzVBx2mLQpUGV0ZXIgSHV0
dGVyZXIgKFdoby1UKSA8b2ZmaWNlQHdoby10Lm5ldD6IRgQQEQIABgUCPyZd9AAK
CRAxKkm802WJtQJ2AKCuZPqsSxFtrHh3vMLXpzmF1Gk1DgCgrV7f+A9NpkYzPiQK
nyzX3kb53jqIRgQQEQIABgUCQApO8gAKCRAkkHkTqLdyOKXuAJ0awetW7KLequ5w
bRIYcbDukt9QsgCffAvxsB3YXORG9PnYx3Qd2WKiFdGIRgQQEQIABgUCQAyMfAAK
CRAtURMMV/bnvdD+AJ9AuFu4uEHlqANyLjE6F+0lNfqHzACffl/TTo26T6ikwSFi
puniCtS/w2yIRgQQEQIABgUCQMQJ8wAKCRAE3Uhrsk4s930xAJ0UM2jRbfkUWDjj
tHA5qiNk5ku6qwCfScSgkLm+EKfI7OzFAOopa5LSsUeIRgQSEQIABgUCQAZZYwAK
CRCml0fm7Bs4OS+4AJwPAdK0RFqk0FxdcOZgEIiSevhIMQCggAt1F4+PDq01u/JT
1LaLH6vcj/aIRgQSEQIABgUCQAqJ+QAKCRDCsHn89cdSVpcoAJ4wXtsKP0ka9wNC
+VWa1+Ssw9h3SgCgkqOhRS26Svc7rgJZ0aHa53052tKIRgQSEQIABgUCQAtDqQAK
CRA8Y8o/oLPoiz5BAKCLW6zgmroiQKB5EaI6MKTpEn6y+wCdH8edOA5rdiiNoDXx
fdrp5L2O2MSIRgQSEQIABgUCQAyNrQAKCRBa6RlsHeXyaRdXAKCLuL5caS8d4WQN
EFRMTl5TC9WJTwCgrTpj50y5Rn2bkIDrolpv1t6t+EiIRgQSEQIABgUCQBIOZwAK
CRAtQ2Ay0CIa0nYQAJ9qIKrAqXld5i165D1OOfI3Hot2iACgjctJVT1bZTLCxJcg
bih2T+zbD9uIRgQSEQIABgUCQBOxCgAKCRCFMAOu3onHXFlxAJsGvLGKec9gqG1e
At2pgqtrn4SkrQCgx35W3kGyCYGXG/L7dXNtPPNa3KaIRgQSEQIABgUCQBXjHQAK
CRAiGMgejnwD/w12AKCHLLO3eqqwGhWLX0ys7T7pXWnRVwCfSaMs8XlfauaHLqbw
OcGvrJPBhxaIRgQSEQIABgUCQBicOgAKCRAESetNaTUTh9f7AJ975KGrbE+BV2+v
tEx6olIiXHELpACfVGbarcF4y5V6EadqfEQC8WtVhjiIRgQSEQIABgUCQBpGxAAK
CRCXWuW+Ha5Wc7EmAKDB9tFRgz6Xrmf6g5XBIGsYHMSnNACeJYeTx+tihse4/NdZ
1xGU12oSAciIRgQSEQIABgUCQFgq4AAKCRAhuVdcp9kWAi2hAKDM5u/Lo6nReFxQ
IjKihaP9Dkb7KwCgotUNmV6q6AgS21YTbxg814NsZrCIRgQSEQIABgUCQG7LZQAK
CRDXKjXRa5G1hCK1AJ9OSoVUdmXDXCWj3SlLgZ/ObrFUvACfWtPXyc7ArMkMgoU3
IL032k8EbzqIRgQTEQIABgUCP48vGgAKCRDmAsqjSEK1tMDMAJ4wp27dGYjNSyj2
+zkJW6UdwZx+twCeNxJWbJKZR8YHVE+ERbuMU2OEiteIRgQTEQIABgUCQAdFDgAK
CRBFiyjaLHHWPQSVAJsEnIgJBd+7XVFND548g2ncnOuPOQCfdVpEvfOvznAy268n
ZqmA80vByNaIRgQTEQIABgUCQAfi1QAKCRCgLNqfPQi2EoXBAJ0W8qvDZucBtxHJ
VU66i6jZVCgwoACeOD4rT2m6YIaXpLYA/cJbeyGSX1+IRgQTEQIABgUCQAkaIAAK
CRBW37Z3LhW4WYUJAJ0YuCLIMNen+e+6xtvOjv6mF4xc5QCfWNoh5S1mpJ2rWMSP
p1UUxp297B2IRgQTEQIABgUCQAokuwAKCRCsqWuZ/t48LvT8AJsG1rRRDGy2e+xt
/8ocU5qPjDJ5rACdEqDWq+8/27LUgABsMbVVf26/7EiIRgQTEQIABgUCQAvQnQAK
CRDmix3Su/HM73sAAJ4vVmW+ObH01UlLhAIJlcovzSdF4QCgo+0l8Bm3BBSpoASx
SZszYCwdNOWIRgQTEQIABgUCQAxijwAKCRCOYuf3ZAEai2NXAKCIVWAYHuPZeG7h
VTNk2fuRhRGb7wCdFiJSWeil9zWos7Rc+l1t4zvYOFuIRgQTEQIABgUCQAygMQAK
CRDIHVGzO6c6LIbqAKCpOZtcX0wcPMH4c2vHO7Ik+6dwyQCguEyhow+uQ8AxXdZP
UniXG2gLX1+IRgQTEQIABgUCQA9MUAAKCRA51HTjafHvV+KvAKCQ0eaNlJyEjoVX
iTVNUiyE/4WMdACgote5Zj2Twi7NeXlAa+WPkD2181eIRgQTEQIABgUCQBGzbwAK
CRCKZ3GcLegns1xXAJ9fPVeWE/sFtnEkxOJcYjnR6ZBkQQCcDOL5vd6Y46qDXjBS
dY7k1ox9mvqIRgQTEQIABgUCQBG0XgAKCRCAxpglEI9gu0zsAJ0VXhPVAGF66tH+
bhRosfmerGPbkwCgl8JhboLh8tJjfIu+rqkZSCeRcUmIRgQTEQIABgUCQBSC6QAK
CRB274zoh7HPtVW0AKCo2a+Qq1tWJgQ8oiUs7Wo0fnE3bACdHzCo+N5FSYU/UvOA
y6NSb38TNc6IRgQTEQIABgUCQBryTQAKCRAo/LxS51BlLskwAJ9OskVyG+jAetJ6
s1IuAm0ckrG2nQCfeCYYz+SmmsryPYw1XDl/pHdqISGIRgQTEQIABgUCQJfQUQAK
CRAWD6xZgnKioa/yAKCvzwPgnZzoPjPpjAKtcyyz8lxpzACgsfmfDOF47FMfVKWP
jEKz1eReEAqIRgQTEQIABgUCQN/TNQAKCRAXW4/hvruTP73FAJ9OJqXWuSx8KtBo
f4PFwfnTUXPQYgCgghRvm7XpfKuqRnvHSnYU+Bt5f9eIRgQTEQIABgUCQaJalwAK
CRBCnwFbCWxN06enAJ9kdhO8NBTqflkRAg7moXMRqew/GwCdFeghO7RA5Bsfpcm3
6Ln0VNkiT6OIWQQTEQIAGQUCPxvTBgQLBwMCAxUCAwMWAgECHgECF4AACgkQ4jt+
cLRn8L/0RACfWo3KTMUg+uPRqA6RXxk04CWjXaMAoJeIxOpZLB3RBltPnSi7PyVQ
IkHFiJwEEgECAAYFAkAGO40ACgkQfjFQpnY76QFI3wP+P/M6i5NEBqdkr+CpIK5L
KfHB8KBYYSXMfs/8woYhiyRgqVmmdwkbnv/9KEZocVTqu24R6BxGfPw7zD+lvD8l
9+TTrq9OhU+zAfsjBQdgY35NGET5aWOB25bq/1sLFOxzUqe5jXT2OWt1t/kVzLtK
rka9tJSqJTVetGDLZ4giUtOJARwEEwECAAYFAkAsk4MACgkQnvi/HyptydItOwf/
VWKWqU3Ap9N5ihKseK2ljFi704zLpOXEEZzb1bzuPdOe7BDSSbktBiQ5XDl7krDZ
2y3XhObstIC3cli0sxf6DTPNji/9ouHqORuvyOSILLzlG60N67w3NJ9vbvpIzNWc
XddyWOA/Boj0+XTgCrb3PodQ/CicKCVXceo78BvFfGwpAf7rdKIK/RvomKgN1/qn
rhWCDFLdY785zT5qSFykwBW6IBalyzafJkeTKTH5OF6eTTlX7r9LWTYfl/eqbsTi
h6o+KbSzm1IcSDEv0P2SHWKP6XLVxCE4qqG1sN8qTJh2+104p21NfWCIZBGhKpCE
vG9X2uFJpQ8dP7/OfV7dNbkBDQQ/G9MIEAQAk56jmDlmFUfDtQ+9yep23QHmQm16
1JMlyLsqgTnSpl/9ECZkrO1n7GvoT3w4Y+motBrNgvEIP9D85POm+KfQy5H9DOkW
mI1LQiQaUufca7Fep8+sWc0GuEUXX9WCZsNrYmtTDF88W8EFNmyqWBJvDbBmgVET
BndNhL7DDdsCNrsAAwUD/3vTI1a//OVw8wJVATfB8GFubM08j/GVXEDqjpjXm5E1
hi75D6wXV5sac61o8T6JTtVnFkI1C9Gzf623ann0+uYlRyRyWf3KU7YBpQj4S+SU
wOdJbXdCNdwgAWFixZrMKJ1xEv+rXIJX+K69za4trDq2OR4ID4qRMzqOb3SjqMP6
iEYEGBECAAYFAj8b0wgACgkQ4jt+cLRn8L+vIwCgg7y9oJK4NeDX1e6zXNOeytZy
9hoAnigKVkYBlc2jpAKdD+bULpWgw+sz
=Q/D0
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: Hostname: pgp.surf.nl
Version: Hockeypuck 2.1.2
xsDiBERd0h4RBACflXMwRMuZ/gICB7oM/SwnYMoDeRVaZHYT2RtI6iaNQpovoMas
fbLX31icweQm9sMLQJR/bNABpp28Fs1S4yNt9SwAProigexyWl3fFE3uqoVRmglZ
uQdyXl7nnPC7A3hxHPX88tsZS4UlLFRssTjNnrzzhSR3xyyIlOJnmG5pJwCg/yaH
DECRtdWm9gIJZwfM6S+ANYUD/0s6FPCIdbDqCzNcMH7YZID+JjBOU3VlRdXfzGmx
Iy2aPBpC9pkb0EUEL94QZ5Ysa1EGNnNUPq8dQWOr/NllCt2/l0HDLGoziBCpBTvG
ZNnFaJoErG0kmCH2u0w9VmKKSBq6C0sI8rFW1JthKc/bu6ucBKKbpi4sFYAMyZHn
sNbzA/9VYevyns5TmZeR7t+x8YRj6xZxWVNGm20gnBBhHVnq/EGIn4a/YN1NLFNc
4EuarFnzl0w6L1IQHanM+ajBJgzL4oSYCufhTSXgA2utrpIRtKkRW9JH6zt3J5hk
W8oIcEsY3YRKQ3iVKS3Kz8PgSwezNewFT6o3Juu//95O5qSm8s0iT2xpdmllciBG
b3VyZGFuIDxmb3VyZGFuQHhmY2Uub3JnPsJ6BBMRAgA6AhsjBgsJCAcDAgQVAggD
BBYCAwECHgECF4ACGQEWIQRn3IbyYj/F/Uu1Il0UcG2+HktFQAUCXx7jggAKCRAU
cG2+HktFQMAMAJ4kmAtOA9YEazO+1TNxEvEDZbEDSwCfUVR27NAtNegGOMO7piF1
KrurTenCaQQTEQIAKQIbIwYLCQgHAwIEFQIIAwQWAgMBAh4BAheABQkaVB3SBQJG
o8t0AhkBAAoJEBRwbb4eS0VANIcAn39YcAnhLnB1pIRQDuBIiIhhFMScAKDZYHMB
1WIaknrKZSOnjwKBHw2nOcJjBBMRAgAjBQJEXdIeBQkJZgGABgsJCAcDAgQVAggD
BBYCAwECHgECF4AACgkQFHBtvh5LRUDz7ACgmLpkFGTjcUGnzXnjIw071JQi0HQA
nisMFnp0kBQIqdv2lufZ9YxXZhD3wkYEEBECAAYFAkRm8GUACgkQLXYbC37EqKxO
LQCeNE+A668Qj5DB2vmibAV5rn4pMhwAnjgUS/l03Ckfq7jCx1jc3DxSh9UQwkYE
EBECAAYFAkUMKvkACgkQRR//0/1eDw85jgCfXsyjpqetxwwoyc6LVAdvAhljhF8A
nAgKOMp8LG6DDrhRomp4kjv0SHegzSNPbGl2aWVyIEZvdXJkYW4gPGZvdXJkYW5A
Z21haWwuY29tPsJ3BBMRAgA3AhsjBgsJCAcDAgQVAggDBBYCAwECHgECF4AWIQRn
3IbyYj/F/Uu1Il0UcG2+HktFQAUCXx7jgwAKCRAUcG2+HktFQJ5GAJ9yYpsMZ5oW
I8Kv1qGf0MlRRZgxTACeL0BZ4Ni2nm5Exuv2CJxeT/KpcJ3CZgQTEQIAJgIbIwYL
CQgHAwIEFQIIAwQWAgMBAh4BAheABQJGo8tYBQkaVB3SAAoJEBRwbb4eS0VAhKgA
n3Js4UVMHITK3bgpcECV6xfuoEiUAKCZa2BJbdnOgbAlcbSScRGpI8MMPMJmBBMR
AgAmBQJGo8gKAhsjBQkJZgGABgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQFHBt
vh5LRUBydACfba08blV5kvAdN/mSKD1NgAHsiIcAoPbpCWW3IUiZ/1T9v8YTuDbt
LWkLzSVPbGl2aWVyIEZvdXJkYW4gPG9mb3VyZGFuQHJlZGhhdC5jb20+wncEExEC
ADcCGyMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgBYhBGfchvJiP8X9S7UiXRRwbb4e
S0VABQJfHuODAAoJEBRwbb4eS0VAwOoAn1jPsEMWv/z9pqvw2We5FDLbi0ncAJ9W
bA5E1fHh8m31NdSyFy2tXt8wfcJmBBMRAgAmAhsjBgsJCAcDAgQVAggDBBYCAwEC
HgECF4AFAkajy1gFCRpUHdIACgkQFHBtvh5LRUCnMwCg3qt90PZGBCjwC+RXRQH1
+RznWzEAoKydVzIVeRC2vkGIRUx+k5jX333owmYEExECACYFAkajyDkCGyMFCQlm
AYAGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAUcG2+HktFQAsZAKCa9lmgwpkL
zUpX4caWZi/L8KSK8ACePisjM/gv90AVd+0Br0G98yhLD9LOwU0ERF3SSRAIAI0c
lctVOjdLUtE1ZRYS7Reu/oXSPns8duS4CLHmknF3kgn8uN6L6fptwFzh3yizCMGv
Td4YA4/NimzsQxXmar9fDRg/VHEPsaHrWanE3VPMxBoRyPtnNeQtQXrRb8XCZllo
GvmYQ/CZ8N9IaUq/Q8bbpqyr+dJy/gy+gc0aCxPdZhghxvOKrcJZg7zks52cQegz
Tne6rjU0o/eTeySkWgboL4RaLQndUVX7LJ1UgL3mxr30fgv6JxmN8YkD6lSbb8+i
vXhHX8LNuY8wmX+tCIrlm+20hpWtLEyB3HSnqgyC7Y1v0ZPYmQaRm1AQcafikFml
9CieH9DaV6avfPQLkgsAAwUH/2BX9xYtFY85fSKP7Kz0ClcCHpuweIkmTbPWDT91
HQmf2dRbzI88CV3ZzawJMJHHL1Nua7CGNX1Z+cFJz4QTkyAOXXNlbHaVRXF2Epnw
FfjF5UM/D5j3YiUhXoam1LKz8/VRw3ZDDdc349jKPJEWNEmqs9NeGhSC2YsL2TsO
BaBzWPvRXS1otPCaKOTuDa9h2T8om2SEvqvJjd0jdC0o4khJ8zsYtE3vZBXbyfdf
cn5ktWedyEt6lcRMI04bvu2+j6B68GwtVDNr/RHaDPd+UkbZSHwiRoxGkRUQttYv
Lh/NrtLo8a6NQFWAePMM8nU2P7n6AcRf357nqbwnQWJ/TyvCXQQYEQIAHRYhBGfc
hvJiP8X9S7UiXRRwbb4eS0VABQJfHuPcAAoJEBRwbb4eS0VAnL4Anim4vNYyrDc8
NTdS3mgWGtdXVjWdAKCjUhzkN3uCaYNJR6h0Y1thYuPEJMJMBBgRAgAMBQJGo8tj
BQkaVB2nAAoJEBRwbb4eS0VA5e0AoO/nFK4k4fsAgsLMs02kk3plifoAAJ4iK85P
2PawnJlnupv80Q8b7w2UVcJMBBgRAgAMBQJEXdJJBQkJZgGAAAoJEBRwbb4eS0VA
ugQAoOlJ2NPM8mRqRCA2ZKXPqz7TGm64AKCTLcYRDmqX4aZcgK4yRBbe8GXhDA==
=rEW/
-----END PGP PUBLIC KEY BLOCK-----

188
xwayland.spec Normal file
View File

@ -0,0 +1,188 @@
#
# spec file for package xwayland
#
# Copyright (c) 2025 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
#Compat macro for new _fillupdir macro introduced in Nov 2017
%if ! %{defined _fillupdir}
%define _fillupdir /var/adm/fillup-templates
%endif
Name: xwayland
Version: 24.1.6
Release: 0
URL: http://xorg.freedesktop.org
Summary: Xwayland Xserver
License: MIT
Group: System/X11/Servers/XF86_4
Source0: %{url}/archive/individual/xserver/%{name}-%{version}.tar.xz
Source1: %{url}/archive/individual/xserver/%{name}-%{version}.tar.xz.sig
Source2: xwayland.keyring
BuildRequires: meson
BuildRequires: ninja
BuildRequires: pkgconfig
BuildRequires: rendercheck
BuildRequires: pkgconfig(bigreqsproto)
BuildRequires: pkgconfig(compositeproto)
BuildRequires: pkgconfig(damageproto)
BuildRequires: pkgconfig(dri)
BuildRequires: pkgconfig(dri3proto) >= 1.4
BuildRequires: pkgconfig(epoxy)
BuildRequires: pkgconfig(fixesproto)
BuildRequires: pkgconfig(fontsproto)
BuildRequires: pkgconfig(fontutil)
BuildRequires: pkgconfig(gbm)
BuildRequires: pkgconfig(gl)
BuildRequires: pkgconfig(glproto)
BuildRequires: pkgconfig(inputproto) >= 2.3.99.1
BuildRequires: pkgconfig(kbproto)
BuildRequires: pkgconfig(libbsd)
%if 0%{?suse_version} >= 1550
BuildRequires: pkgconfig(libdecor-0)
%endif
BuildRequires: pkgconfig(libdrm) >= 2.4.109
%if 0%{?suse_version} >= 1550
BuildRequires: pkgconfig(libei-1.0)
%endif
BuildRequires: pkgconfig(libtirpc)
BuildRequires: pkgconfig(libxcvt)
BuildRequires: pkgconfig(openssl)
BuildRequires: pkgconfig(pixman-1)
BuildRequires: pkgconfig(presentproto) >= 1.4
BuildRequires: pkgconfig(randrproto)
BuildRequires: pkgconfig(recordproto)
BuildRequires: pkgconfig(renderproto)
BuildRequires: pkgconfig(resourceproto)
BuildRequires: pkgconfig(scrnsaverproto)
BuildRequires: pkgconfig(videoproto)
BuildRequires: pkgconfig(wayland-client) >= 1.21.0
BuildRequires: pkgconfig(wayland-protocols) >= 1.34
BuildRequires: pkgconfig(xau)
BuildRequires: pkgconfig(xcb)
BuildRequires: pkgconfig(xcb-damage)
BuildRequires: pkgconfig(xcb-sync)
BuildRequires: pkgconfig(xcb-xinput)
BuildRequires: pkgconfig(xcmiscproto)
BuildRequires: pkgconfig(xdmcp)
BuildRequires: pkgconfig(xextproto)
BuildRequires: pkgconfig(xf86bigfontproto)
BuildRequires: pkgconfig(xf86vidmodeproto)
BuildRequires: pkgconfig(xfont2)
BuildRequires: pkgconfig(xineramaproto)
BuildRequires: pkgconfig(xkbcomp)
BuildRequires: pkgconfig(xkbfile)
BuildRequires: pkgconfig(xproto)
BuildRequires: pkgconfig(xshmfence)
BuildRequires: pkgconfig(xtrans)
%ifnarch s390 s390x
Requires(pre): %fillup_prereq
%endif
Requires: pkgconfig
Requires: xkbcomp
Requires: xkeyboard-config
Recommends: xorg-x11-fonts-core
%ifnarch s390 s390x
Requires: libpixman-1-0
%endif
Obsoletes: xorg-x11-server-wayland < %{version}
Provides: xorg-x11-server-wayland = %{version}
Conflicts: patterns-wsl-tmpfiles
%description
This package contains the Xserver running on the Wayland Display Server.
%package devel
Summary: Development files for Xwayland
Group: System/Libraries
Requires: %{name}
Requires: c_compiler
Requires: meson
Requires: pkgconfig(libdrm)
Requires: pkgconfig(xau)
Requires: pkgconfig(xdmcp)
Requires: pkgconfig(xkbfile)
Requires: pkgconfig(xtrans)
Requires: pkgconfig(xv)
%description devel
This package contains the Xwayland Server development files.
%prep
%autosetup -p1
%build
%{meson} \
-Dglamor=true \
-Dxvfb=true \
-Dglx=true \
-Dxdmcp=true \
-Dxdm-auth-1=true \
-Dsecure-rpc=true \
-Dipv6=true \
-Dinput_thread=true \
-Dvendor_name="SUSE LINUX" \
-Dvendor_name_short="openSUSE" \
-Dvendor_web="https://www.opensuse.org" \
-Dlisten_tcp=false \
-Dlisten_unix=true \
-Dlisten_local=true \
%if 0%{?suse_version} < 1550
-Ddpms=false \
%endif
-Dxf86bigfont=true \
-Dscreensaver=true \
-Dxres=true \
-Dxace=true \
-Dxselinux=false \
-Dxinerama=true \
-Dxcsecurity=true \
-Dxv=true \
-Dmitshm=true \
-Dsha1=libcrypto \
-Ddri3=true \
-Dxwayland-path="%{_bindir}" \
-Ddtrace=false \
-Dlibunwind=false \
-Dxkb_dir="/usr/share/X11/xkb" \
-Dxkb_output_dir="/var/lib/xkb/compiled" \
-Ddefault_font_path="/usr/share/fonts/misc:unscaled,\
/usr/share/fonts/Type1/,/usr/share/fonts/100dpi:unscaled,\
/usr/share/fonts/75dpi:unscaled,/usr/share/fonts/ghostscript/,\
/usr/share/fonts/cyrillic:unscaled,\
/usr/share/fonts/misc/sgi:unscaled,\
/usr/share/fonts/truetype/,built-ins" \
%{nil}
%{meson_build}
%install
%{meson_install}
# Let xorg-x11-server provide the Xserver manual
rm -f %{buildroot}%{_mandir}/man1/Xserver.1
# Provided by xorg-x11-server
rm -f %{buildroot}%{_libdir}/xorg/protocol.txt
%files
%{_bindir}/Xwayland
%{_mandir}/man1/Xwayland.1%{ext_man}
%{_datadir}/applications/org.freedesktop.Xwayland.desktop
%files devel
%{_libdir}/pkgconfig/*.pc
%dir %{_libdir}/xorg
%changelog