u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
u_xfree86-activate-GPU-screens-on-autobind.patch
* check dixPrivateKeyRegistered(rrPrivKey) before calling
rrGetScrPriv() to avoid xserver crash when Xinerama is enabled
(boo#1218240)
-------------------------------------------------------------------
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=865
- Update to version xorg-server-21.1.6:
* xserver 21.1.6
* Xext: fix invalid event type mask in XTestSwapFakeInput
* xkb: fix some possible memleaks in XkbGetKbdByName
* xkb: proof GetCountedString against request length attacks
* xquartz: Fix some formatting
* XQuartz: stub: Call LSOpenApplication instead of fork()/exec()
- drop the following upstream patches:
U_xkb-proof-GetCountedString-against-request-length-at.patch
U_xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch
- Update to version xorg-server-21.1.5:
* xkb: reset the radio_groups pointer to NULL after freeing it
* Xi: avoid integer truncation in length check of ProcXIChangeProperty
* Xi: return an error from XI property changes if verification failed
* Xext: free the screen saver resource when replacing it
* Xext: free the XvRTVideoNotify when turning off from the same client
* Xi: disallow passive grabs with a detail > 255
* Xtest: disallow GenericEvents in XTestSwapFakeInput
* meson: Don't build COMPOSITE for XQuartz
* xquartz: Move default applications list outside of the main executable
* xquartz: Remove unused macro (X11LIBDIR)
- drop the following upstream patches:
U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch
OBS-URL: https://build.opensuse.org/request/show/1043805
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=845
* This release fixes 2 recently reported security vulnerabilities
in xkb, several regressions since 1.20.x and a number of
miscellaneous bugs.
- supersedes the following security patches
* U_boo1194181-001-xkb-swap-XkbSetDeviceInfo-and-XkbSetDeviceInfoCheck.patch
* U_boo1194179-001-xkb-rename-xkb_h-to-xkb-procs_h.patch
* U_boo1194179-002-xkb-add-request-length-validation-for-XkbSetGeometry.patch
- supersedes U_Fix-build-with-gcc-12.patch
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=829
* This release fixes 4 recently reported security vulnerabilities and
several regressions.
* In particular, the real physical dimensions are no longer reported
by the X server anymore as it was deemed to be a too disruptive
change. X server will continue to report DPI as 96.
- supersedes U_hw-xfree86-Propagate-physical-dimensions-from-DRM-co.patch
- supersedes U_rendercompositeglyphs.patch
- supersedes U_xfixes-Fix-out-of-bounds-access-in-ProcXFixesCreateP.patch
- supersedes U_Xext-Fix-out-of-bounds-access-in-SProcScreenSaverSus.patch
- supersedes U_record-Fix-out-of-bounds-access-in-SwapCreateRegiste.patch
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=812
* CVE-2021-4009/ZDI-CAN-14950 (bsc#1190487)
The handler for the CreatePointerBarrier request of the XFixes
extension does not properly validate the request length leading
to out of bounds memory write.
- U_Xext-Fix-out-of-bounds-access-in-SProcScreenSaverSus.patch
* CVE-2021-4010/ZDI-CAN-14951 (bsc#1190488)
The handler for the Suspend request of the Screen Saver extension
does not properly validate the request length leading to out of
bounds memory write.
- U_record-Fix-out-of-bounds-access-in-SwapCreateRegiste.patch
* CVE-2021-4011/ZDI-CAN-14952 (bsc#1190489)
The handlers for the RecordCreateContext and RecordRegisterClients
requests of the Record extension do not properly validate the request
length leading to out of bounds memory write.
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=811
* The meson support is now fully mature. While autotools support
will still be kept for this release series, it will be dropped
afterwards.
* Glamor support for Xvfb.
* Variable refresh rate support in the modesetting driver.
* XInput 2.4 support which adds touchpad gestures.
* DMX DDX has been removed.
* X server now correctly reports display DPI in more cases. This
may affect rendering of client applications that have their own
workarounds for hi-DPI screens.
* A large number of small features and various bug fixes.
- updated xorg-server-provides
- supersedes patches
* U_Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch
* U_dix-window-Use-ConfigureWindow-instead-of-MoveWindow.patch
* U_glamor_egl-Reject-OpenGL-2.1-early-on.patch
* u_render-Cast-color-masks-to-unsigned-long-before-shifting-them.patch
- refreshed patches
* N_fix-dpi-values.diff
* N_zap_warning_xserver.diff
* u_modesetting-Fix-dirty-updates-for-sw-rotation.patch
* u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
* u_vesa-Add-VBEDPMSGetCapabilities-VBEDPMSGet.patch
- disabled n_xserver-optimus-autoconfig-hack.patch, which I believe is
superseded by:
commit 078277e4d92f05a90c4715d61b89b9d9d38d68ea
Author: Dave Airlie <airlied@redhat.com>
Date: Fri Aug 17 09:49:24 2012 +1000
xf86: autobind GPUs to the screen
- added pkgconfig(libxcvt)
- cvt binary moved to libxcvt0 package
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=804
- Update to version 1.20.10:
* Check SetMap request length carefully.
* Fix XkbSetDeviceInfo() and SetDeviceIndicators() heap overflows
* present/wnmd: Translate update region to screen space
* modesetting: keep going if a modeset fails on EnterVT
* modesetting: check the kms state on EnterVT
* configure: Build hashtable for Xres and glvnd
* xwayland: Create an xwl_window for toplevel only
* xwayland: non-rootless requires the wl_shell protocol
* glamor: Update pixmap's devKind when making it exportable
* os: Fix instruction pointer written in xorg_backtrace
* present/wnmd: Execute copies at target_msc-1 already
* present/wnmd: Move up present_wnmd_queue_vblank
* present: Add present_vblank::exec_msc field
* present: Move flip target_msc adjustment out of present_vblank_create
* xwayland: Remove pending stream reference when freeing
* xwayland: use drmGetNodeTypeFromFd for checking if a node is a render one
* xwayland: Do not discard frame callbacks on allow commits
* present/wnmd: Remove dead check from present_wnmd_check_flip
* xwayland: Check window pixmap in xwl_present_check_flip2
* present/wnmd: Can't use page flipping for windows clipped by children
* xfree86: Take second reference for SavedCursor in xf86CursorSetCursor
* glamor: Fix glamor_poly_fill_rect_gl xRectangle::width/height handling
* include: Increase the number of max. input devices to 256.
* Revert "linux: Make platform device probe less fragile"
* Revert "linux: Fix platform device PCI detection for complex bus topologies"
* Revert "linux: Fix platform device probe for DT-based PCI"
- Remove included pachtes
* U_xfree86_take_second_ref_for_xcursor.patch
* U_Revert-linux-Fix-platform-device-probe-for-DT-based-.patch
OBS-URL: https://build.opensuse.org/request/show/853603
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=785
* XkbSetMap Out-Of-Bounds Access: Insufficient checks on the
lengths of the XkbSetMap request can lead to out of bounds
memory accesses in the X server. (ZDI-CAN 11572,
CVE-2020-14360, bsc#1174908)
- U_Fix-XkbSetDeviceInfo-and-SetDeviceIndicators-heap-ov.patch
* XkbSetDeviceInfo Heap-based Buffer Overflow: Insufficient
checks on input of the XkbSetDeviceInfo request can lead to a
buffer overflow on the head in the X server. (ZDI-CAN 11389,
CVE-2020-25712, bsc#1177596)
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=782
* replace default config /etc/X11/Xwrapper, which allows
anybody to use the wrapper, by a patch for the code, i.e.
# rootonly, console, anybody
allowed_users=anybody
# yes, no, auto
needs_root_rights=auto
is now the default without any Xwrapper config
(needs_root_rights=auto was already the default before)
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=780
