From 208189730c110c97f218c386448bdcda4d71c392746d4ece5c6356f74e5e4456 Mon Sep 17 00:00:00 2001 From: Stefan Dirsch Date: Tue, 14 Dec 2021 15:52:17 +0000 Subject: [PATCH] - Update to version 21.1.4 * Fixes for multiple input validation failures in X server extensions: + CVE-2021-4008/ZDI-CAN-14192 SProcRenderCompositeGlyphs out-of-bounds access (boo#1193030) + CVE-2021-4009/ZDI-CAN 14950 SProcXFixesCreatePointerBarrier out-of-bounds access (boo#1190487) + CVE-2021-4010/ZDI-CAN-14951 SProcScreenSaverSuspend out-of-bounds access (boo#1190488) + CVE-2021-4011/ZDI-CAN-14952 SwapCreateRegister out-of-bounds access (boo#1190489) * This release also includes other fixes such as: + Store EGLcontext to avoid superfluous eglMakeCurrent() calls + Prefer EGLStream with NVIDIA proprietary driver if both GBM and EGLstream are available OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xwayland?expand=0&rev=21 --- xwayland-21.1.3.tar.xz | 3 --- xwayland-21.1.3.tar.xz.sig | Bin 95 -> 0 bytes xwayland-21.1.4.tar.xz | 3 +++ xwayland-21.1.4.tar.xz.sig | Bin 0 -> 95 bytes xwayland.changes | 13 +++++++++++++ xwayland.spec | 2 +- 6 files changed, 17 insertions(+), 4 deletions(-) delete mode 100644 xwayland-21.1.3.tar.xz delete mode 100644 xwayland-21.1.3.tar.xz.sig create mode 100644 xwayland-21.1.4.tar.xz create mode 100644 xwayland-21.1.4.tar.xz.sig diff --git a/xwayland-21.1.3.tar.xz b/xwayland-21.1.3.tar.xz deleted file mode 100644 index 4172ddd..0000000 --- a/xwayland-21.1.3.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ebc2757f39fd4c7db1654fd86591589c211aa20172d43a54f77ae567cedbf8a2 -size 1261776 diff --git a/xwayland-21.1.3.tar.xz.sig b/xwayland-21.1.3.tar.xz.sig deleted file mode 100644 index efe00e172a147a282fd9ce0aa9865056bc0a3bb42287d2ea8f21b6199b5a33bf..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 95 zcmeB(WnmCxVvrS6WJ$l%_9@B!=wI)xO0gmZx%=e2T^(4N5z3 v702v%d-~F>gYG9YezovjQSOOlm}jY7epk_DXY{PXB=+dZoqvvfXmAGrVX-CN diff --git a/xwayland-21.1.4.tar.xz b/xwayland-21.1.4.tar.xz new file mode 100644 index 0000000..600cf2d --- /dev/null +++ b/xwayland-21.1.4.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:19f6795f31cfa8eb352b1e5b3c379f22ee6020e98701ff2cc679da8c4f1159f7 +size 1261712 diff --git a/xwayland-21.1.4.tar.xz.sig b/xwayland-21.1.4.tar.xz.sig new file mode 100644 index 0000000000000000000000000000000000000000000000000000000000000000..b0fbb4890e34b640e404ca00194bd40090fbff8db47fa16299cbb1d2ec391479 GIT binary patch literal 95 zcmeB(WnmCxVvrS6WJ$l%_9@B!=wI)xO0gmZx%=e2T^(4N5_c?K&cMYf025j0#IRt_ vsb@drk2dYFZ{E*l`@q{&^*OUU!(8#?$0_HoSY9f874~EO`pJjmSp{+dZdxW` literal 0 HcmV?d00001 diff --git a/xwayland.changes b/xwayland.changes index 2d148fd..fdf75fd 100644 --- a/xwayland.changes +++ b/xwayland.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Tue Dec 14 15:44:46 UTC 2021 - Stefan Dirsch + +- Update to version 21.1.4 + * Fixes for multiple input validation failures in X server extensions: + + CVE-2021-4008/ZDI-CAN-14192 SProcRenderCompositeGlyphs out-of-bounds access (boo#1193030) + + CVE-2021-4009/ZDI-CAN 14950 SProcXFixesCreatePointerBarrier out-of-bounds access (boo#1190487) + + CVE-2021-4010/ZDI-CAN-14951 SProcScreenSaverSuspend out-of-bounds access (boo#1190488) + + CVE-2021-4011/ZDI-CAN-14952 SwapCreateRegister out-of-bounds access (boo#1190489) + * This release also includes other fixes such as: + + Store EGLcontext to avoid superfluous eglMakeCurrent() calls + + Prefer EGLStream with NVIDIA proprietary driver if both GBM and EGLstream are available + ------------------------------------------------------------------- Mon Nov 8 11:45:16 UTC 2021 - Stefan Dirsch diff --git a/xwayland.spec b/xwayland.spec index 465699a..7e6bc00 100644 --- a/xwayland.spec +++ b/xwayland.spec @@ -24,7 +24,7 @@ %endif Name: xwayland -Version: 21.1.3 +Version: 21.1.4 Release: 0 URL: http://xorg.freedesktop.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-build