diff --git a/U_rendercompositeglyphs.patch b/U_rendercompositeglyphs.patch new file mode 100644 index 0000000..7e59fa2 --- /dev/null +++ b/U_rendercompositeglyphs.patch @@ -0,0 +1,29 @@ +--- a/render/render.c ++++ a/render/render.c +@@ -2309,6 +2309,8 @@ SProcRenderCompositeGlyphs(ClientPtr client) + + i = elt->len; + if (i == 0xff) { ++ if (buffer + 4 >= end) ++ return BadLength; + swapl((int *) buffer); + buffer += 4; + } +@@ -2320,12 +2322,16 @@ SProcRenderCompositeGlyphs(ClientPtr client) + break; + case 2: + while (i--) { ++ if (buffer + 2 >= end) ++ return BadLength; + swaps((short *) buffer); + buffer += 2; + } + break; + case 4: + while (i--) { ++ if (buffer + 4 >= end) ++ return BadLength; + swapl((int *) buffer); + buffer += 4; + } + diff --git a/xorg-x11-server.changes b/xorg-x11-server.changes index 8c8981c..d8da6f8 100644 --- a/xorg-x11-server.changes +++ b/xorg-x11-server.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Tue Dec 14 15:31:41 UTC 2021 - Stefan Dirsch + +- U_rendercompositeglyphs.patch + * X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access + Privilege Escalation Vulnerability [CVE-2021-4008, ZDI-CAN-14192] + (boo#1193030) + ------------------------------------------------------------------- Tue Dec 14 14:14:45 UTC 2021 - Thomas Zimmermann @@ -14,16 +22,16 @@ Tue Dec 14 14:14:45 UTC 2021 - Thomas Zimmermann Fri Dec 3 14:41:55 UTC 2021 - Thomas Zimmermann - u_pci-primary-Fix-up-primary-PCI-device-detection-for-the-platfrom-bus.patch - * Fix SEGFAULT when parsing bus IDs of NULL + * Fix SEGFAULT when parsing bus IDs of NULL (boo#1193250) - u_Support-configuration-files-under-run-X11-xorg.conf..patch * Support configuration files under /run. Required for generating - configuration files via udev. + configuration files via udev. (boo#1193250) - u_Add-udev-scripts-for-configuration-of-platform-devic.patch - * Generate configuration files for platform devices + * Generate configuration files for platform devices (boo#1193250) - u_Revert-xf86-Accept-devices-with-the-simpledrm-driver.patch - * Code has been obsoleted by udev patchset + * Code has been obsoleted by udev patchset (boo#1193250) - u_Add-udev-rule-for-HyperV-devices.patch - * Same as for platform devices, but on HyperV + * Same as for platform devices, but on HyperV (boo#1193250) ------------------------------------------------------------------- Fri Nov 19 15:49:28 UTC 2021 - Stefan Dirsch diff --git a/xorg-x11-server.spec b/xorg-x11-server.spec index b7d7ee7..eb9a9dc 100644 --- a/xorg-x11-server.spec +++ b/xorg-x11-server.spec @@ -241,6 +241,8 @@ Patch1910: u_modesetting-Fix-dirty-updates-for-sw-rotation.patch Patch1920: u_xf86-Accept-devices-with-the-hyperv_drm-driver.patch +Patch1193030: U_rendercompositeglyphs.patch + %description This package contains the X.Org Server. @@ -396,6 +398,7 @@ sh %{SOURCE92} --verify . %{SOURCE91} %patch1900 -p1 %patch1910 -p1 %patch1920 -p1 +%patch1193030 -p1 %build %global _lto_cflags %{?_lto_cflags} -ffat-lto-objects