1
0
Commit Graph

2 Commits

Author SHA256 Message Date
0c00d6fdc4 Accepting request 531711 from home:tobijk:X11:XOrg
- Update to version 1.19.4:
  A collection of stability fixes from the development branch, including
  two minor CVEs (CVE-2017-13721, CVE-2017-13723).
- Remove upstream patches:
  + U_Xi-Do-not-try-to-swap-GenericEvent.patch
  + U_Xi-Verify-all-events-in-ProcXSendExtensionEvent.patch
  + U_Xi-Zero-target-buffer-in-SProcXSendExtensionEvent.patch
  + U_dix-Disallow-GenericEvent-in-SendEvent-request.patch
- Adapt patches to work with the new release:
  + u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch

OBS-URL: https://build.opensuse.org/request/show/531711
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=676
2017-10-05 13:56:05 +00:00
e8f5430dae - u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch
If arc4random_buf() is not available for generating cookies:
  * use getentropy(), if available (which was only recently added to
    glibc)
  * use getrandom() via syscall(), if available (there was no glibc
    wrapper for this syscall for a long time)
  * if all else fails, directly read from /dev/urandom as before, but
    employ O_CLOEXEC, do an OsAbort() in case the random data couldn't be
    read to avoid unsecure situations. Don't know if that's too hard a
    measure but it shouldn't actually occur except on maximum number of
    FDs reached
  (bsc#1025084)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=671
2017-07-13 14:57:37 +00:00