1
0

Accepting request 312322 from home:tobijk:X11:XOrg

- Update to version 1.17.2:
  Pick up a pile of fixes from master. Notable highlights:
  + Fix for CVE-2015-3164 in Xwayland
  + Fix int10 setup for vesa
  + Fix regression in server-interpreted auth
  + Fix fb setup on big-endian CPUs
  + Build fix for for gcc5
- Dropped patches:
  + Patch110: u_connection-avoid-crash-when-CloseWellKnownConnections-gets-called-twice.patch
  + Patch113: u_symbols-Fix-sdksyms.sh-to-cope-with-gcc5.patch
  + Patch116: U_os-XDMCP-options-like-query-etc-should-imply-listen.patch
  + Patch118: U_int10-Fix-error-check-for-pci_device_map_legacy.patch
  + Patch119: U_xwayland-enable-access-control-on-open-socket.patch
  + Patch120: U_os-support-new-implicit-local-user-access-mode.patch
  + Patch121: U_xwayland-default-to-local-user-if-no-xauth-file-given.patch
  + Patch2000: U_systemd-logind-filter-out-non-signal-messages-from.patch
  + Patch2001: U_systemd-logind-dont-second-guess-D-Bus-default-tim.patch
- Changed patches to work with the new version:
  + Patch114: u_ad-hoc-fix-for-mmap-s-truncated-offset-parameter-on-.patch

OBS-URL: https://build.opensuse.org/request/show/312322
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=576
This commit is contained in:
Stefan Dirsch 2015-06-17 10:50:34 +00:00 committed by Git OBS Bridge
parent bc8b5dc1a8
commit fbcb773284
14 changed files with 34 additions and 678 deletions

View File

@ -1,45 +0,0 @@
From: Jürg Billeter <j@bitron.ch>
Date: Sat Feb 7 18:13:21 2015 +0100
Subject: [PATCH]int10: Fix error check for pci_device_map_legacy
Patch-mainline: Upstream
Git-commit: 0a78b599b34cc8b5fe6fe82f90e90234e8ab7a56
Git-repo: git://anongit.freedesktop.org/git/xorg/xserver
References: bsc#932319
Signed-off-by: Egbert Eich <eich@suse.com>
pci_device_map_legacy returns 0 on success.
Signed-off-by: Jürg Billeter <j@bitron.ch>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
---
hw/xfree86/int10/generic.c | 2 +-
hw/xfree86/os-support/linux/int10/linux.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/xfree86/int10/generic.c b/hw/xfree86/int10/generic.c
index 012d194..8d5c4da 100644
--- a/hw/xfree86/int10/generic.c
+++ b/hw/xfree86/int10/generic.c
@@ -104,7 +104,7 @@ readIntVec(struct pci_device *dev, unsigned char *buf, int len)
{
void *map;
- if (!pci_device_map_legacy(dev, 0, len, 0, &map))
+ if (pci_device_map_legacy(dev, 0, len, 0, &map))
return FALSE;
memcpy(buf, map, len);
diff --git a/hw/xfree86/os-support/linux/int10/linux.c b/hw/xfree86/os-support/linux/int10/linux.c
index 79b9a88..6ca118f 100644
--- a/hw/xfree86/os-support/linux/int10/linux.c
+++ b/hw/xfree86/os-support/linux/int10/linux.c
@@ -75,7 +75,7 @@ readLegacy(struct pci_device *dev, unsigned char *buf, int base, int len)
{
void *map;
- if (!pci_device_map_legacy(dev, base, len, 0, &map))
+ if (pci_device_map_legacy(dev, base, len, 0, &map))
return FALSE;
memcpy(buf, map, len);

View File

@ -1,82 +0,0 @@
Git-commit: 491cf02e191e70c5ce24c19da880bb79bebfc03c
Author: Jon TURNEY <jon.turney@dronecode.org.uk>
Subject: os: XDMCP options like -query etc. should imply -listen tcp
Patch-Mainline: Upstream
Signed-off-by: Michal Srb <msrb@suse.com>
In X server 1.17, the default configuration is now -nolisten tcp. In this
configuration, XDMCP options don't work usefully, as the X server is not
listening on the port for the display that it tells the display manager to
connect to.
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Colin Harrison <colin.harrison@virgin.net>
---
os/xdmcp.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/os/xdmcp.c b/os/xdmcp.c
index b6e97c9..bc5a707 100644
--- a/os/xdmcp.c
+++ b/os/xdmcp.c
@@ -48,6 +48,11 @@
#include <netdir.h>
#endif
+#define XSERV_t
+#define TRANS_SERVER
+#define TRANS_REOPEN
+#include <X11/Xtrans/Xtrans.h>
+
#ifdef XDMCP
#undef REQUEST
@@ -242,6 +247,14 @@ XdmcpUseMsg(void)
ErrorF("-displayID display-id manufacturer display ID for request\n");
}
+static void
+XdmcpDefaultListen(void)
+{
+ /* Even when configured --disable-listen-tcp, we should listen on tcp in
+ XDMCP modes */
+ _XSERVTransListen("tcp");
+}
+
int
XdmcpOptions(int argc, char **argv, int i)
{
@@ -249,11 +262,13 @@ XdmcpOptions(int argc, char **argv, int i)
get_manager_by_name(argc, argv, i++);
XDM_INIT_STATE = XDM_QUERY;
AccessUsingXdmcp();
+ XdmcpDefaultListen();
return i + 1;
}
if (strcmp(argv[i], "-broadcast") == 0) {
XDM_INIT_STATE = XDM_BROADCAST;
AccessUsingXdmcp();
+ XdmcpDefaultListen();
return i + 1;
}
#if defined(IPv6) && defined(AF_INET6)
@@ -261,6 +276,7 @@ XdmcpOptions(int argc, char **argv, int i)
i = get_mcast_options(argc, argv, ++i);
XDM_INIT_STATE = XDM_MULTICAST;
AccessUsingXdmcp();
+ XdmcpDefaultListen();
return i + 1;
}
#endif
@@ -268,6 +284,7 @@ XdmcpOptions(int argc, char **argv, int i)
get_manager_by_name(argc, argv, i++);
XDM_INIT_STATE = XDM_INDIRECT;
AccessUsingXdmcp();
+ XdmcpDefaultListen();
return i + 1;
}
if (strcmp(argv[i], "-port") == 0) {
--
2.3.3

View File

@ -1,245 +0,0 @@
Subject: os: support new implicit local user access mode
Author: Ray Strode <rstrode@redhat.com>
Path-mainline: Upstream
Git-commit: 4b4b9086d02b80549981d205fb1f495edc373538
References: bnc#934102 CVE-2015-3164
Signed-off-by: Michal Srb <msrb@suse.com>
If the X server is started without a '-auth' argument, then
it gets started wide open to all local users on the system.
This isn't a great default access model, but changing it in
Xorg at this point would break backward compatibility.
Xwayland, on the other hand is new, and much more targeted
in scope. It could, in theory, be changed to allow the much
more secure default of a "user who started X server can connect
clients to that server."
This commit paves the way for that change, by adding a mechanism
for DDXs to opt-in to that behavior. They merely need to call
LocalAccessScopeUser()
in their init functions.
A subsequent commit will add that call for Xwayland.
Signed-off-by: Ray Strode <rstrode@redhat.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
diff --git a/include/os.h b/include/os.h
index 6638c84..b2b96c8 100644
--- a/include/os.h
+++ b/include/os.h
@@ -431,11 +431,28 @@ extern _X_EXPORT void
ResetHosts(const char *display);
extern _X_EXPORT void
+EnableLocalAccess(void);
+
+extern _X_EXPORT void
+DisableLocalAccess(void);
+
+extern _X_EXPORT void
EnableLocalHost(void);
extern _X_EXPORT void
DisableLocalHost(void);
+#ifndef NO_LOCAL_CLIENT_CRED
+extern _X_EXPORT void
+EnableLocalUser(void);
+
+extern _X_EXPORT void
+DisableLocalUser(void);
+
+extern _X_EXPORT void
+LocalAccessScopeUser(void);
+#endif
+
extern _X_EXPORT void
AccessUsingXdmcp(void);
diff --git a/os/access.c b/os/access.c
index 8fa028e..75e7a69 100644
--- a/os/access.c
+++ b/os/access.c
@@ -102,6 +102,10 @@ SOFTWARE.
#include <sys/ioctl.h>
#include <ctype.h>
+#ifndef NO_LOCAL_CLIENT_CRED
+#include <pwd.h>
+#endif
+
#if defined(TCPCONN) || defined(STREAMSCONN)
#include <netinet/in.h>
#endif /* TCPCONN || STREAMSCONN */
@@ -225,6 +229,13 @@ static int LocalHostEnabled = FALSE;
static int LocalHostRequested = FALSE;
static int UsingXdmcp = FALSE;
+static enum {
+ LOCAL_ACCESS_SCOPE_HOST = 0,
+#ifndef NO_LOCAL_CLIENT_CRED
+ LOCAL_ACCESS_SCOPE_USER,
+#endif
+} LocalAccessScope;
+
/* FamilyServerInterpreted implementation */
static Bool siAddrMatch(int family, void *addr, int len, HOST * host,
ClientPtr client);
@@ -237,6 +248,21 @@ static void siTypesInitialize(void);
*/
void
+EnableLocalAccess(void)
+{
+ switch (LocalAccessScope) {
+ case LOCAL_ACCESS_SCOPE_HOST:
+ EnableLocalHost();
+ break;
+#ifndef NO_LOCAL_CLIENT_CRED
+ case LOCAL_ACCESS_SCOPE_USER:
+ EnableLocalUser();
+ break;
+#endif
+ }
+}
+
+void
EnableLocalHost(void)
{
if (!UsingXdmcp) {
@@ -249,6 +275,21 @@ EnableLocalHost(void)
* called when authorization is enabled to keep us secure
*/
void
+DisableLocalAccess(void)
+{
+ switch (LocalAccessScope) {
+ case LOCAL_ACCESS_SCOPE_HOST:
+ DisableLocalHost();
+ break;
+#ifndef NO_LOCAL_CLIENT_CRED
+ case LOCAL_ACCESS_SCOPE_USER:
+ DisableLocalUser();
+ break;
+#endif
+ }
+}
+
+void
DisableLocalHost(void)
{
HOST *self;
@@ -262,6 +303,74 @@ DisableLocalHost(void)
}
}
+#ifndef NO_LOCAL_CLIENT_CRED
+static int GetLocalUserAddr(char **addr)
+{
+ static const char *type = "localuser";
+ static const char delimiter = '\0';
+ static const char *value;
+ struct passwd *pw;
+ int length = -1;
+
+ pw = getpwuid(getuid());
+
+ if (pw == NULL || pw->pw_name == NULL)
+ goto out;
+
+ value = pw->pw_name;
+
+ length = asprintf(addr, "%s%c%s", type, delimiter, value);
+
+ if (length == -1) {
+ goto out;
+ }
+
+ /* Trailing NUL */
+ length++;
+
+out:
+ return length;
+}
+
+void
+EnableLocalUser(void)
+{
+ char *addr = NULL;
+ int length = -1;
+
+ length = GetLocalUserAddr(&addr);
+
+ if (length == -1)
+ return;
+
+ NewHost(FamilyServerInterpreted, addr, length, TRUE);
+
+ free(addr);
+}
+
+void
+DisableLocalUser(void)
+{
+ char *addr = NULL;
+ int length = -1;
+
+ length = GetLocalUserAddr(&addr);
+
+ if (length == -1)
+ return;
+
+ RemoveHost(NULL, FamilyServerInterpreted, length, addr);
+
+ free(addr);
+}
+
+void
+LocalAccessScopeUser(void)
+{
+ LocalAccessScope = LOCAL_ACCESS_SCOPE_USER;
+}
+#endif
+
/*
* called at init time when XDMCP will be used; xdmcp always
* adds local hosts manually when needed
diff --git a/os/auth.c b/os/auth.c
index 5fcb538..7da6fc6 100644
--- a/os/auth.c
+++ b/os/auth.c
@@ -181,11 +181,11 @@ CheckAuthorization(unsigned int name_length,
/*
* If the authorization file has at least one entry for this server,
- * disable local host access. (loadauth > 0)
+ * disable local access. (loadauth > 0)
*
* If there are zero entries (either initially or when the
* authorization file is later reloaded), or if a valid
- * authorization file was never loaded, enable local host access.
+ * authorization file was never loaded, enable local access.
* (loadauth == 0 || !loaded)
*
* If the authorization file was loaded initially (with valid
@@ -194,11 +194,11 @@ CheckAuthorization(unsigned int name_length,
*/
if (loadauth > 0) {
- DisableLocalHost(); /* got at least one */
+ DisableLocalAccess(); /* got at least one */
loaded = TRUE;
}
else if (loadauth == 0 || !loaded)
- EnableLocalHost();
+ EnableLocalAccess();
}
if (name_length) {
for (i = 0; i < NUM_AUTHORIZATION; i++) {

View File

@ -1,96 +0,0 @@
From b1029716e41e252f149b82124a149da180607c96 Mon Sep 17 00:00:00 2001
From: Ray Strode <rstrode@redhat.com>
Date: Thu, 16 Apr 2015 11:28:16 -0400
Subject: systemd-logind: don't second guess D-Bus default timeout
At the moment, the X server uses a non-default timeout for D-Bus
messages to systemd-logind. The only timeouts normally used with
D-Bus are:
1) Infinite
2) Default
Anything else is just as arbitrary as Default, and so rarely makes
sense to use instead of Default.
Put another way, there's little reason to be fault tolerant against
a local root running daemon (logind), that in some configurations, the
X server already depends on for proper functionality.
This commit changes systemd-logind to just use the default timeouts.
Downstream-bug: https://bugzilla.redhat.com/show_bug.cgi?id=1209347
Signed-off-by: Ray Strode <rstrode@redhat.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
diff --git a/hw/xfree86/os-support/linux/systemd-logind.c b/hw/xfree86/os-support/linux/systemd-logind.c
index 57c87c0..4ad41a3 100644
--- a/hw/xfree86/os-support/linux/systemd-logind.c
+++ b/hw/xfree86/os-support/linux/systemd-logind.c
@@ -40,8 +40,6 @@
#include "systemd-logind.h"
-#define DBUS_TIMEOUT 500 /* Wait max 0.5 seconds */
-
struct systemd_logind_info {
DBusConnection *conn;
char *session;
@@ -130,7 +128,7 @@ systemd_logind_take_fd(int _major, int _minor, const char *path,
}
reply = dbus_connection_send_with_reply_and_block(info->conn, msg,
- DBUS_TIMEOUT, &error);
+ DBUS_TIMEOUT_USE_DEFAULT, &error);
if (!reply) {
LogMessage(X_ERROR, "systemd-logind: failed to take device %s: %s\n",
path, error.message);
@@ -207,7 +205,7 @@ systemd_logind_release_fd(int _major, int _minor, int fd)
}
reply = dbus_connection_send_with_reply_and_block(info->conn, msg,
- DBUS_TIMEOUT, &error);
+ DBUS_TIMEOUT_USE_DEFAULT, &error);
if (!reply)
LogMessage(X_ERROR, "systemd-logind: failed to release device: %s\n",
error.message);
@@ -289,7 +287,7 @@ systemd_logind_ack_pause(struct systemd_logind_info *info,
}
reply = dbus_connection_send_with_reply_and_block(info->conn, msg,
- DBUS_TIMEOUT, &error);
+ DBUS_TIMEOUT_USE_DEFAULT, &error);
if (!reply)
LogMessage(X_ERROR, "systemd-logind: failed to ack pause: %s\n",
error.message);
@@ -457,7 +455,7 @@ connect_hook(DBusConnection *connection, void *data)
}
reply = dbus_connection_send_with_reply_and_block(connection, msg,
- DBUS_TIMEOUT, &error);
+ DBUS_TIMEOUT_USE_DEFAULT, &error);
if (!reply) {
LogMessage(X_ERROR, "systemd-logind: failed to get session: %s\n",
error.message);
@@ -492,7 +490,7 @@ connect_hook(DBusConnection *connection, void *data)
}
reply = dbus_connection_send_with_reply_and_block(connection, msg,
- DBUS_TIMEOUT, &error);
+ DBUS_TIMEOUT_USE_DEFAULT, &error);
if (!reply) {
LogMessage(X_ERROR, "systemd-logind: TakeControl failed: %s\n",
error.message);
@@ -564,7 +562,7 @@ systemd_logind_release_control(struct systemd_logind_info *info)
}
reply = dbus_connection_send_with_reply_and_block(info->conn, msg,
- DBUS_TIMEOUT, &error);
+ DBUS_TIMEOUT_USE_DEFAULT, &error);
if (!reply) {
LogMessage(X_ERROR, "systemd-logind: ReleaseControl failed: %s\n",
error.message);
--
cgit v0.10.2

View File

@ -1,36 +0,0 @@
From 792e9251670ce94210df5c6d354059bbb97f4478 Mon Sep 17 00:00:00 2001
From: Ray Strode <rstrode@redhat.com>
Date: Thu, 16 Apr 2015 11:28:15 -0400
Subject: systemd-logind: filter out non-signal messages from message filter
It's possible to receive a message reply in the message filter if a
previous message call timed out locally before the reply arrived.
The message_filter function only handles signals, at the moment, and
does not properly handle message replies.
This commit changes the message_filter function to filter out all
non-signal messages, including spurious message replies.
Downstream-bug: https://bugzilla.redhat.com/show_bug.cgi?id=1209347
Signed-off-by: Ray Strode <rstrode@redhat.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
diff --git a/hw/xfree86/os-support/linux/systemd-logind.c b/hw/xfree86/os-support/linux/systemd-logind.c
index 49758f4..57c87c0 100644
--- a/hw/xfree86/os-support/linux/systemd-logind.c
+++ b/hw/xfree86/os-support/linux/systemd-logind.c
@@ -313,6 +313,9 @@ message_filter(DBusConnection * connection, DBusMessage * message, void *data)
dbus_int32_t major, minor;
char *pause_str;
+ if (dbus_message_get_type (message) != DBUS_MESSAGE_TYPE_SIGNAL)
+ return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
+
dbus_error_init(&error);
if (dbus_message_is_signal(message,
--
cgit v0.10.2

View File

@ -1,32 +0,0 @@
Subject: xwayland: default to local user if no xauth file given.
Author: Ray Strode <rstrode@redhat.com>
Path-mainline: Upstream
Git-commit: 76636ac12f2d1dbdf7be08222f80e7505d53c451
References: bnc#934102 CVE-2015-3164
Signed-off-by: Michal Srb <msrb@suse.com>
Right now if "-auth" isn't passed on the command line, we let
any user on the system connect to the Xwayland server.
That's clearly suboptimal, given Xwayland is generally designed
to be used by one user at a time.
This commit changes the behavior, so only the user who started the
X server can connect clients to it.
Signed-off-by: Ray Strode <rstrode@redhat.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c
index c5bee77..bc92beb 100644
--- a/hw/xwayland/xwayland.c
+++ b/hw/xwayland/xwayland.c
@@ -702,4 +702,6 @@ InitOutput(ScreenInfo * screen_info, int argc, char **argv)
if (AddScreen(xwl_screen_init, argc, argv) == -1) {
FatalError("Couldn't add screen\n");
}
+
+ LocalAccessScopeUser();
}

View File

@ -1,32 +0,0 @@
Subject: xwayland: Enable access control on open sockets
Author: Ray Strode <rstrode@redhat.com>
Path-mainline: Upstream
Git-commit: c4534a38b68aa07fb82318040dc8154fb48a9588
References: bnc#934102 CVE-2015-3164
Signed-off-by: Michal Srb <msrb@suse.com>
Xwayland currently allows wide-open access to the X sockets
it listens on, ignoring Xauth access control.
This commit makes sure to enable access control on the sockets,
so one user can't snoop on another user's X-over-wayland
applications.
Signed-off-by: Ray Strode <rstrode@redhat.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c
index 7e8d667..c5bee77 100644
--- a/hw/xwayland/xwayland.c
+++ b/hw/xwayland/xwayland.c
@@ -483,7 +483,7 @@ listen_on_fds(struct xwl_screen *xwl_screen)
int i;
for (i = 0; i < xwl_screen->listen_fd_count; i++)
- ListenOnOpenFD(xwl_screen->listen_fds[i], TRUE);
+ ListenOnOpenFD(xwl_screen->listen_fds[i], FALSE);
}
static void

View File

@ -14,8 +14,8 @@ index 58d420e..95b34a2 100644
--- a/hw/xfree86/drivers/modesetting/dumb_bo.c
+++ b/hw/xfree86/drivers/modesetting/dumb_bo.c
@@ -25,6 +25,12 @@
*
*/
#include "dix-config.h"
#endif
+/*
+ * ad hoc fix for mmap's truncated offset parameter on 32bit

View File

@ -1,33 +0,0 @@
From: Egbert Eich <eich@suse.de>
Date: Fri May 23 20:08:29 2014 +0200
Subject: [PATCH]connection: avoid crash when CloseWellKnownConnections() gets called twice
Patch-mainline: to be upstreamed
Git-commit: 74472c4e8e4c873014554f321ec2086066126297
Git-repo:
References: bnc#879666, bnc#879489
Signed-off-by: Egbert Eich <eich@suse.com>
CloseWellKnownConnections() closes all connections and deallocates
their data. Thus all entries in ListenTransConns are invalid.
To avoid access to those entries set ListenTransCount to 0.
This avoids crashes when CloseWellKnownConnections() is called twice
for instance when FatalError() is called on Xserver shutdown.
Signed-off-by: Egbert Eich <eich@suse.de>
---
os/connection.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/os/connection.c b/os/connection.c
index 162e1d9..3c0b62a 100644
--- a/os/connection.c
+++ b/os/connection.c
@@ -513,6 +513,8 @@ CloseWellKnownConnections(void)
for (i = 0; i < ListenTransCount; i++)
_XSERVTransClose(ListenTransConns[i]);
+
+ ListenTransCount = 0;
}
static void

View File

@ -1,47 +0,0 @@
From: Egbert Eich <eich@suse.de>
Date: Fri Feb 6 14:56:57 2015 +0100
Subject: [PATCH]symbols: Fix sdksyms.sh to cope with gcc5
Patch-mainline: to be upstreamed
References: bnc#916580
Signed-off-by: Egbert Eich <eich@suse.com>
Gcc5 adds additional lines stating line numbers before and
after __attribute__() which need to be skipped.
Signed-off-by: Egbert Eich <eich@suse.de>
---
hw/xfree86/sdksyms.sh | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/hw/xfree86/sdksyms.sh b/hw/xfree86/sdksyms.sh
index d9a4478..2936669 100755
--- a/hw/xfree86/sdksyms.sh
+++ b/hw/xfree86/sdksyms.sh
@@ -353,13 +353,25 @@ BEGIN {
if (sdk) {
n = 3;
+ # skip line numbers GCC 5 adds before __attribute__
+ while ($n == "" || $0 ~ /^# [0-9]+ "/) {
+ getline;
+ n = 1;
+ }
+
# skip attribute, if any
while ($n ~ /^(__attribute__|__global)/ ||
# skip modifiers, if any
$n ~ /^\*?(unsigned|const|volatile|struct|_X_EXPORT)$/ ||
# skip pointer
- $n ~ /^[a-zA-Z0-9_]*\*$/)
+ $n ~ /^[a-zA-Z0-9_]*\*$/) {
n++;
+ # skip line numbers GCC 5 adds after __attribute__
+ while ($n == "" || $0 ~ /^# [0-9]+ "/) {
+ getline;
+ n = 1;
+ }
+ }
# type specifier may not be set, as in
# extern _X_EXPORT unsigned name(...)

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2bf8e9f6f0a710dec1d2472467bff1f4e247cb6dcd76eb469aafdc8a2d7db2ab
size 5852385

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f61120612728f2c5034671d0ca3e2273438c60aba93b3dda4a8aa40e6a257993
size 5767983

View File

@ -1,3 +1,26 @@
-------------------------------------------------------------------
Tue Jun 16 21:07:03 UTC 2015 - tobias.johannes.klausmann@mni.thm.de
- Update to version 1.17.2:
Pick up a pile of fixes from master. Notable highlights:
+ Fix for CVE-2015-3164 in Xwayland
+ Fix int10 setup for vesa
+ Fix regression in server-interpreted auth
+ Fix fb setup on big-endian CPUs
+ Build fix for for gcc5
- Dropped patches:
+ Patch110: u_connection-avoid-crash-when-CloseWellKnownConnections-gets-called-twice.patch
+ Patch113: u_symbols-Fix-sdksyms.sh-to-cope-with-gcc5.patch
+ Patch116: U_os-XDMCP-options-like-query-etc-should-imply-listen.patch
+ Patch118: U_int10-Fix-error-check-for-pci_device_map_legacy.patch
+ Patch119: U_xwayland-enable-access-control-on-open-socket.patch
+ Patch120: U_os-support-new-implicit-local-user-access-mode.patch
+ Patch121: U_xwayland-default-to-local-user-if-no-xauth-file-given.patch
+ Patch2000: U_systemd-logind-filter-out-non-signal-messages-from.patch
+ Patch2001: U_systemd-logind-dont-second-guess-D-Bus-default-tim.patch
- Changed patches to work with the new version:
+ Patch114: u_ad-hoc-fix-for-mmap-s-truncated-offset-parameter-on-.patch
-------------------------------------------------------------------
Fri Jun 12 11:58:43 UTC 2015 - msrb@suse.com

View File

@ -18,7 +18,7 @@
Name: xorg-x11-server
%define dirsuffix 1.17.1
%define dirsuffix 1.17.2
Summary: X
License: MIT
@ -159,21 +159,13 @@ Patch104: u_xorg-server-xdmcp.patch
Patch105: ux_xserver_xvfb-randr.patch
# PATCH-FIX-UPSTREAM u_exa-only-draw-valid-trapezoids.patch bnc#853846 msrb@suse.com -- Fixes possible crash of server using invalid trapezoids. 2013-12-12 patch is waiting in mailing list to be upstreamed.
Patch106: u_exa-only-draw-valid-trapezoids.patch
Patch110: u_connection-avoid-crash-when-CloseWellKnownConnections-gets-called-twice.patch
Patch111: u_CloseConsole-Don-t-report-FatalError-when-shutting-down.patch
Patch112: u_render-Cast-color-masks-to-unsigned-long-before-shifting-them.patch
Patch113: u_symbols-Fix-sdksyms.sh-to-cope-with-gcc5.patch
Patch114: u_ad-hoc-fix-for-mmap-s-truncated-offset-parameter-on-.patch
Patch115: N_Force-swcursor-for-KMS-drivers-without-hw-cursor-sup.patch
Patch116: U_os-XDMCP-options-like-query-etc-should-imply-listen.patch
Patch117: xorg-x11-server-byte-order.patch
Patch118: U_int10-Fix-error-check-for-pci_device_map_legacy.patch
# PATCH-FIX-UPSTREAM U_xwayland-enable-access-control-on-open-socket.patch bnc#934102 msrb@suse.com -- Fix CVE-2015-3164
Patch119: U_xwayland-enable-access-control-on-open-socket.patch
# PATCH-FIX-UPSTREAM U_os-support-new-implicit-local-user-access-mode.patch bnc#934102 msrb@suse.com -- Fix CVE-2015-3164
Patch120: U_os-support-new-implicit-local-user-access-mode.patch
# PATCH-FIX-UPSTREAM U_xwayland-default-to-local-user-if-no-xauth-file-given.patch bnc#934102 msrb@suse.com -- Fix CVE-2015-3164
Patch121: U_xwayland-default-to-local-user-if-no-xauth-file-given.patch
Patch1000: n_xserver-optimus-autoconfig-hack.patch
@ -181,10 +173,6 @@ Patch1162: b_cache-xkbcomp-output-for-fast-start-up.patch
Patch1211: b_0001-Prevent-XSync-Alarms-from-senslessly-calling-CheckTr.patch
Patch1222: b_sync-fix.patch
# PATCH-FIX-UPSTREAM U_systemd-logind-* rh#1209347 antoine.belvire@laposte.net -- Fix Gnome X session for some hybrid graphics
Patch2000: U_systemd-logind-filter-out-non-signal-messages-from.patch
Patch2001: U_systemd-logind-dont-second-guess-D-Bus-default-tim.patch
%description
This package contains the X.Org Server.
@ -262,24 +250,17 @@ cp %{SOURCE90} .
%patch104 -p1
%patch105 -p1
%patch106 -p1
%patch110 -p1
%patch111 -p1
%patch112 -p1
%patch113 -p1
%patch114 -p1
%patch115 -p1
%patch116 -p1
%patch117 -p1
%patch118 -p1
%patch119 -p1
%patch120 -p1
%patch121 -p1
%patch1000 -p1
%patch2000 -p1
%patch2001 -p1
### disabled for now
#%patch1162 -p1
### disabled for now