
- U_rendercompositeglyphs.patch

* X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access 
    Privilege Escalation Vulnerability [CVE-2021-4008, ZDI-CAN-14192]
    (boo#1193030)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=810
Stefan Dirsch 2021-12-14 15:39:29 +00:00 committed by Git OBS Bridge
parent a3467c2cd2
commit 5caba0411b
3 changed files with 45 additions and 5 deletions


@ -0,0 +1,29 @@
--- a/render/render.c
+++ a/render/render.c
@@ -2309,6 +2309,8 @@ SProcRenderCompositeGlyphs(ClientPtr client)
i = elt->len;
if (i == 0xff) {
+ if (buffer + 4 >= end)
+ return BadLength;
swapl((int *) buffer);
buffer += 4;
}
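Review bot: The check `if (buffer + 4 >= end)` in the `i == 0xff` branch also returns BadLength when exactly 4 bytes remain, that is when `buffer + 4 == end`. If `end` is the one-past-the-end pointer of the request (its definition is outside this hunk), those 4 bytes are in bounds and the comparison should be `>`, or better `end - buffer < 4`, which avoids forming a pointer beyond `end`. If the stricter `>=` is intended, a short comment in the patch saying why would help the next person who rebases it.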
@@ -2320,12 +2322,16 @@ SProcRenderCompositeGlyphs(ClientPtr client)
break;
case 2:
while (i--) {
+ if (buffer + 2 >= end)
+ return BadLength;
swaps((short *) buffer);
buffer += 2;
}
break;
case 4:
while (i--) {
+ if (buffer + 4 >= end)
+ return BadLength;
swapl((int *) buffer);
buffer += 4;
}
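Review bot: In the `case 2` and `case 4` loops the length test runs on every iteration, so a short request is rejected only after earlier elements have already been byte-swapped in place. Since `i` is known before each loop, a single test up front comparing `i * 2` (or `i * 4`) against `end - buffer` would give the same protection, keep the loop bodies unchanged and never compute `buffer + 4` past `end`. As written, `>=` also rejects a glyph list whose last element ends exactly at `end`; `>` would accept it if `end` is one past the last request byte.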


@ -1,3 +1,11 @@
-------------------------------------------------------------------
Tue Dec 14 15:31:41 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
- U_rendercompositeglyphs.patch
* X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access
Privilege Escalation Vulnerability [CVE-2021-4008, ZDI-CAN-14192]
(boo#1193030)
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Dec 14 14:14:45 UTC 2021 - Thomas Zimmermann <tzimmermann@suse.de> Tue Dec 14 14:14:45 UTC 2021 - Thomas Zimmermann <tzimmermann@suse.de>
@ -14,16 +22,16 @@ Tue Dec 14 14:14:45 UTC 2021 - Thomas Zimmermann <tzimmermann@suse.de>
Fri Dec 3 14:41:55 UTC 2021 - Thomas Zimmermann <tzimmermann@suse.com> Fri Dec 3 14:41:55 UTC 2021 - Thomas Zimmermann <tzimmermann@suse.com>
- u_pci-primary-Fix-up-primary-PCI-device-detection-for-the-platfrom-bus.patch - u_pci-primary-Fix-up-primary-PCI-device-detection-for-the-platfrom-bus.patch
* Fix SEGFAULT when parsing bus IDs of NULL * Fix SEGFAULT when parsing bus IDs of NULL (boo#1193250)
- u_Support-configuration-files-under-run-X11-xorg.conf..patch - u_Support-configuration-files-under-run-X11-xorg.conf..patch
* Support configuration files under /run. Required for generating * Support configuration files under /run. Required for generating
configuration files via udev. configuration files via udev. (boo#1193250)
- u_Add-udev-scripts-for-configuration-of-platform-devic.patch - u_Add-udev-scripts-for-configuration-of-platform-devic.patch
* Generate configuration files for platform devices * Generate configuration files for platform devices (boo#1193250)
- u_Revert-xf86-Accept-devices-with-the-simpledrm-driver.patch - u_Revert-xf86-Accept-devices-with-the-simpledrm-driver.patch
* Code has been obsoleted by udev patchset * Code has been obsoleted by udev patchset (boo#1193250)
- u_Add-udev-rule-for-HyperV-devices.patch - u_Add-udev-rule-for-HyperV-devices.patch
* Same as for platform devices, but on HyperV * Same as for platform devices, but on HyperV (boo#1193250)
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Nov 19 15:49:28 UTC 2021 - Stefan Dirsch <sndirsch@suse.com> Fri Nov 19 15:49:28 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
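Review bot: The second hunk of this changelog appends (boo#1193250) to five existing items in the Fri Dec 3 entry, which the commit message does not mention; it only describes U_rendercompositeglyphs.patch and boo#1193030. Retroactive bug references are fine, but they should either be named in the commit message or go in their own commit so the CVE-2021-4008 fix can be tracked and backported on its own.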


@ -241,6 +241,8 @@ Patch1910: u_modesetting-Fix-dirty-updates-for-sw-rotation.patch
Patch1920: u_xf86-Accept-devices-with-the-hyperv_drm-driver.patch Patch1920: u_xf86-Accept-devices-with-the-hyperv_drm-driver.patch
Patch1193030: U_rendercompositeglyphs.patch
%description %description
This package contains the X.Org Server. This package contains the X.Org Server.
@ -396,6 +398,7 @@ sh %{SOURCE92} --verify . %{SOURCE91}
%patch1900 -p1 %patch1900 -p1
%patch1910 -p1 %patch1910 -p1
%patch1920 -p1 %patch1920 -p1
%patch1193030 -p1
%build %build
%global _lto_cflags %{?_lto_cflags} -ffat-lto-objects %global _lto_cflags %{?_lto_cflags} -ffat-lto-objects