forked from pool/xorg-x11-server
- Update to version xorg-server-21.1.7:
* This release contains the fix for CVE-2023-0494 in today's security advisory: https://lists.x.org/archives/xorg-announce/2023-February/003320.html It also fixes a second possible OOB access during EnqueueEvent and a crasher caused by ResourceClientBits not correctly honouring the MaxClients value in the configuration file. - supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch, U_xorg-server-oob-read-enqueue-event.patch OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=852
This commit is contained in:
parent
ac6d09dc19
commit
8832186295
@ -1,20 +0,0 @@
|
|||||||
@@ -, +, @@
|
|
||||||
DeepCopyPointerClasses
|
|
||||||
---
|
|
||||||
Xi/exevents.c | 4 +++-
|
|
||||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
|
||||||
--- a/Xi/exevents.c
|
|
||||||
+++ a/Xi/exevents.c
|
|
||||||
@@ -619,8 +619,10 @@ DeepCopyPointerClasses(DeviceIntPtr from, DeviceIntPtr to)
|
|
||||||
memcpy(to->button->xkb_acts, from->button->xkb_acts,
|
|
||||||
sizeof(XkbAction));
|
|
||||||
}
|
|
||||||
- else
|
|
||||||
+ else {
|
|
||||||
free(to->button->xkb_acts);
|
|
||||||
+ to->button->xkb_acts = NULL;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
memcpy(to->button->labels, from->button->labels,
|
|
||||||
from->button->numButtons * sizeof(Atom));
|
|
||||||
--
|
|
@ -1,29 +0,0 @@
|
|||||||
From 2ef5ef57bd37a8bec2ac454053b283c6f87c3b40 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Mike Gorse <mgorse@suse.com>
|
|
||||||
Date: Wed, 25 Jan 2023 02:02:48 +0000
|
|
||||||
Subject: [PATCH] dix: Use CopyPartialInternalEvent in EnqueueEvent
|
|
||||||
|
|
||||||
The event might be a DeviceEvent allocated on the stack, in
|
|
||||||
AccessXKeyboardEvent for instance. Fixes out-of-bounds read.
|
|
||||||
|
|
||||||
Signed-off-by: Mike Gorse <mgorse@suse.com>
|
|
||||||
---
|
|
||||||
dix/events.c | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/dix/events.c b/dix/events.c
|
|
||||||
index 782ed35dc..86f5357e8 100644
|
|
||||||
--- a/dix/events.c
|
|
||||||
+++ b/dix/events.c
|
|
||||||
@@ -1215,7 +1215,7 @@ EnqueueEvent(InternalEvent *ev, DeviceIntPtr device)
|
|
||||||
qe->pScreen = pSprite->hotPhys.pScreen;
|
|
||||||
qe->months = currentTime.months;
|
|
||||||
qe->event = (InternalEvent *) (qe + 1);
|
|
||||||
- memcpy(qe->event, event, eventlen);
|
|
||||||
+ CopyPartialInternalEvent(qe->event, (InternalEvent *)event);
|
|
||||||
xorg_list_append(&qe->next, &syncEvents.pending);
|
|
||||||
}
|
|
||||||
|
|
||||||
--
|
|
||||||
2.39.0
|
|
||||||
|
|
3
xorg-server-21.1.7.tar.xz
Normal file
3
xorg-server-21.1.7.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:d9c60b2dd0ec52326ca6ab20db0e490b1ff4f566f59ca742d6532e92795877bb
|
||||||
|
size 4933292
|
@ -1,3 +1,16 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Feb 7 14:35:33 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
|
||||||
|
|
||||||
|
- Update to version xorg-server-21.1.7:
|
||||||
|
* This release contains the fix for CVE-2023-0494 in today's security
|
||||||
|
advisory:
|
||||||
|
https://lists.x.org/archives/xorg-announce/2023-February/003320.html
|
||||||
|
It also fixes a second possible OOB access during EnqueueEvent and a
|
||||||
|
crasher caused by ResourceClientBits not correctly honouring the
|
||||||
|
MaxClients value in the configuration file.
|
||||||
|
- supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch,
|
||||||
|
U_xorg-server-oob-read-enqueue-event.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Feb 1 10:18:32 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
|
Wed Feb 1 10:18:32 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
|
||||||
|
|
||||||
|
@ -36,14 +36,14 @@
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
Name: xorg-x11-server
|
Name: xorg-x11-server
|
||||||
Version: 21.1.6
|
Version: 21.1.7
|
||||||
Release: 0
|
Release: 0
|
||||||
URL: http://xorg.freedesktop.org/
|
URL: http://xorg.freedesktop.org/
|
||||||
Summary: X
|
Summary: X
|
||||||
# Source URL: http://xorg.freedesktop.org/archive/individual/xserver/
|
# Source URL: http://xorg.freedesktop.org/archive/individual/xserver/
|
||||||
License: MIT
|
License: MIT
|
||||||
Group: System/X11/Servers/XF86_4
|
Group: System/X11/Servers/XF86_4
|
||||||
Source0: xserver-xorg-server-%{version}.tar.xz
|
Source0: xorg-server-%{version}.tar.xz
|
||||||
Source1: sysconfig.displaymanager.template
|
Source1: sysconfig.displaymanager.template
|
||||||
Source2: README.updates
|
Source2: README.updates
|
||||||
Source3: xorgcfg.tar.bz2
|
Source3: xorgcfg.tar.bz2
|
||||||
@ -208,7 +208,6 @@ Patch12: n_xorg-wrapper-anybody.patch
|
|||||||
Patch100: u_01-Improved-ConfineToShape.patch
|
Patch100: u_01-Improved-ConfineToShape.patch
|
||||||
Patch101: u_02-DIX-ConfineTo-Don-t-bother-about-the-bounding-box-when-grabbing-a-shaped-window.patch
|
Patch101: u_02-DIX-ConfineTo-Don-t-bother-about-the-bounding-box-when-grabbing-a-shaped-window.patch
|
||||||
Patch104: u_xorg-server-xdmcp.patch
|
Patch104: u_xorg-server-xdmcp.patch
|
||||||
Patch105: U_xorg-server-oob-read-enqueue-event.patch
|
|
||||||
|
|
||||||
Patch117: xorg-x11-server-byte-order.patch
|
Patch117: xorg-x11-server-byte-order.patch
|
||||||
|
|
||||||
@ -243,8 +242,6 @@ Patch1940: U_xephyr-Don-t-check-for-SeatId-anymore.patch
|
|||||||
|
|
||||||
Patch1960: u_sync-pci-ids-with-Mesa.patch
|
Patch1960: u_sync-pci-ids-with-Mesa.patch
|
||||||
|
|
||||||
Patch1207783: U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch
|
|
||||||
|
|
||||||
%description
|
%description
|
||||||
This package contains the X.Org Server.
|
This package contains the X.Org Server.
|
||||||
|
|
||||||
@ -350,7 +347,7 @@ Group: Development/Sources
|
|||||||
This package contains patched sources of X.Org Server.
|
This package contains patched sources of X.Org Server.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -n xserver-xorg-server-%{version} -a3
|
%setup -q -n xorg-server-%{version} -a3
|
||||||
# Early verification if the ABI Defines are correct. Let's not waste build cycles if the Provides are wrong at the end.
|
# Early verification if the ABI Defines are correct. Let's not waste build cycles if the Provides are wrong at the end.
|
||||||
sh %{SOURCE92} --verify . %{SOURCE91}
|
sh %{SOURCE92} --verify . %{SOURCE91}
|
||||||
|
|
||||||
@ -372,7 +369,6 @@ sh %{SOURCE92} --verify . %{SOURCE91}
|
|||||||
%patch100 -p1
|
%patch100 -p1
|
||||||
#%patch101 -p1
|
#%patch101 -p1
|
||||||
%patch104 -p1
|
%patch104 -p1
|
||||||
%patch105 -p1
|
|
||||||
%patch117 -p1
|
%patch117 -p1
|
||||||
%patch160 -p1
|
%patch160 -p1
|
||||||
%patch208 -p1
|
%patch208 -p1
|
||||||
@ -403,7 +399,6 @@ sh %{SOURCE92} --verify . %{SOURCE91}
|
|||||||
%patch1930 -p1
|
%patch1930 -p1
|
||||||
%patch1940 -p1
|
%patch1940 -p1
|
||||||
%patch1960 -p1
|
%patch1960 -p1
|
||||||
%patch1207783 -p1
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
# We have some -z now related errors during X default startup (boo#1197994):
|
# We have some -z now related errors during X default startup (boo#1197994):
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:a06a5c27d9ec99ee9673d9f173e2d8dc36ded69817c8cd4395b9de22375fcf2f
|
|
||||||
size 2929780
|
|
Loading…
Reference in New Issue
Block a user