From ac6d09dc196524684b43ac41b232eaf11bff0bd3ef6bec1e6f3a057e77c16b09 Mon Sep 17 00:00:00 2001
From: Stefan Dirsch
Date: Tue, 7 Feb 2023 02:58:41 +0000
Subject: [PATCH] - U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch * DeepCopyPointerClasses use-after-free (CVE-2023-0494, ZDI-CAN-19596, bsc#1207783)
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=851
---
 ...-use-after-free-in-DeepCopyPointerCl.patch | 20 +++++++++++++++++++
 xorg-x11-server.changes | 7 +++++++
 xorg-x11-server.spec | 3 +++
 3 files changed, 30 insertions(+)
 create mode 100644 U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch
diff --git a/U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch b/U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch
new file mode 100644
index 0000000..a19074e
--- /dev/null
+++ b/U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch
@@ -0,0 +1,20 @@
+@@ -, +, @@
+ DeepCopyPointerClasses
+---
+ Xi/exevents.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+--- a/Xi/exevents.c
++++ a/Xi/exevents.c
+@@ -619,8 +619,10 @@ DeepCopyPointerClasses(DeviceIntPtr from, DeviceIntPtr to)
+ memcpy(to->button->xkb_acts, from->button->xkb_acts,
+ sizeof(XkbAction));
+ }
+- else
++ else {
+ free(to->button->xkb_acts);
++ to->button->xkb_acts = NULL;
++ }
+
+ memcpy(to->button->labels, from->button->labels,
+ from->button->numButtons * sizeof(Atom));
+--
diff --git a/xorg-x11-server.changes b/xorg-x11-server.changes
index 19c7aa5..dda2736 100644
--- a/xorg-x11-server.changes
+++ b/xorg-x11-server.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Feb 1 10:18:32 UTC 2023 - Stefan Dirsch
+
+- U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch
+ * DeepCopyPointerClasses use-after-free (CVE-2023-0494,
+ ZDI-CAN-19596, bsc#1207783)
+
 -------------------------------------------------------------------
 Wed Jan 25 16:02:23 UTC 2023 - Stefan Dirsch 
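Review bot: In the embedded `Xi/exevents.c` hunk, the context `memcpy(to->button->xkb_acts, from->button->xkb_acts, sizeof(XkbAction));` copies exactly one `XkbAction`, while the `labels` copy right below the fix is sized `from->button->numButtons * sizeof(Atom)`. If `xkb_acts` is meant to hold one action per button, the copy and the allocation that precedes it (outside this hunk, so unverified here) are undersized and should both be scaled by `numButtons`; clearing the dangling pointer does not cover that. The new `else` block would also benefit from a comment such as `/* clear the freed pointer so to->button never keeps a dangling xkb_acts */`. DeepCopyPointerClasses starts and ends outside the hunk.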
diff --git a/xorg-x11-server.spec b/xorg-x11-server.spec index 6e54b45..7bc7fd7 100644 --- a/xorg-x11-server.spec +++ b/xorg-x11-server.spec @@ -243,6 +243,8 @@ Patch1940: U_xephyr-Don-t-check-for-SeatId-anymore.patch Patch1960: u_sync-pci-ids-with-Mesa.patch +Patch1207783: U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch + %description This package contains the X.Org Server. @@ -401,6 +403,7 @@ sh %{SOURCE92} --verify . %{SOURCE91} %patch1930 -p1 %patch1940 -p1 %patch1960 -p1 +%patch1207783 -p1 %build # We have some -z now related errors during X default startup (boo#1197994):