forked from pool/xorg-x11-server
- U_rendercompositeglyphs.patch
* X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access Privilege Escalation Vulnerability [CVE-2021-4008, ZDI-CAN-14192] (boo#1193030) OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=810
This commit is contained in:
parent
a3467c2cd2
commit
5caba0411b
29
U_rendercompositeglyphs.patch
Normal file
29
U_rendercompositeglyphs.patch
Normal file
@ -0,0 +1,29 @@
|
||||
--- a/render/render.c
|
||||
+++ a/render/render.c
|
||||
@@ -2309,6 +2309,8 @@ SProcRenderCompositeGlyphs(ClientPtr client)
|
||||
|
||||
i = elt->len;
|
||||
if (i == 0xff) {
|
||||
+ if (buffer + 4 >= end)
|
||||
+ return BadLength;
|
||||
swapl((int *) buffer);
|
||||
buffer += 4;
|
||||
}
|
||||
@@ -2320,12 +2322,16 @@ SProcRenderCompositeGlyphs(ClientPtr client)
|
||||
break;
|
||||
case 2:
|
||||
while (i--) {
|
||||
+ if (buffer + 2 >= end)
|
||||
+ return BadLength;
|
||||
swaps((short *) buffer);
|
||||
buffer += 2;
|
||||
}
|
||||
break;
|
||||
case 4:
|
||||
while (i--) {
|
||||
+ if (buffer + 4 >= end)
|
||||
+ return BadLength;
|
||||
swapl((int *) buffer);
|
||||
buffer += 4;
|
||||
}
|
||||
|
@ -1,3 +1,11 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 14 15:31:41 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
|
||||
|
||||
- U_rendercompositeglyphs.patch
|
||||
* X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access
|
||||
Privilege Escalation Vulnerability [CVE-2021-4008, ZDI-CAN-14192]
|
||||
(boo#1193030)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 14 14:14:45 UTC 2021 - Thomas Zimmermann <tzimmermann@suse.de>
|
||||
|
||||
@ -14,16 +22,16 @@ Tue Dec 14 14:14:45 UTC 2021 - Thomas Zimmermann <tzimmermann@suse.de>
|
||||
Fri Dec 3 14:41:55 UTC 2021 - Thomas Zimmermann <tzimmermann@suse.com>
|
||||
|
||||
- u_pci-primary-Fix-up-primary-PCI-device-detection-for-the-platfrom-bus.patch
|
||||
* Fix SEGFAULT when parsing bus IDs of NULL
|
||||
* Fix SEGFAULT when parsing bus IDs of NULL (boo#1193250)
|
||||
- u_Support-configuration-files-under-run-X11-xorg.conf..patch
|
||||
* Support configuration files under /run. Required for generating
|
||||
configuration files via udev.
|
||||
configuration files via udev. (boo#1193250)
|
||||
- u_Add-udev-scripts-for-configuration-of-platform-devic.patch
|
||||
* Generate configuration files for platform devices
|
||||
* Generate configuration files for platform devices (boo#1193250)
|
||||
- u_Revert-xf86-Accept-devices-with-the-simpledrm-driver.patch
|
||||
* Code has been obsoleted by udev patchset
|
||||
* Code has been obsoleted by udev patchset (boo#1193250)
|
||||
- u_Add-udev-rule-for-HyperV-devices.patch
|
||||
* Same as for platform devices, but on HyperV
|
||||
* Same as for platform devices, but on HyperV (boo#1193250)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Nov 19 15:49:28 UTC 2021 - Stefan Dirsch <sndirsch@suse.com>
|
||||
|
@ -241,6 +241,8 @@ Patch1910: u_modesetting-Fix-dirty-updates-for-sw-rotation.patch
|
||||
|
||||
Patch1920: u_xf86-Accept-devices-with-the-hyperv_drm-driver.patch
|
||||
|
||||
Patch1193030: U_rendercompositeglyphs.patch
|
||||
|
||||
%description
|
||||
This package contains the X.Org Server.
|
||||
|
||||
@ -396,6 +398,7 @@ sh %{SOURCE92} --verify . %{SOURCE91}
|
||||
%patch1900 -p1
|
||||
%patch1910 -p1
|
||||
%patch1920 -p1
|
||||
%patch1193030 -p1
|
||||
|
||||
%build
|
||||
%global _lto_cflags %{?_lto_cflags} -ffat-lto-objects
|
||||
|
Loading…
Reference in New Issue
Block a user