Ana Guerrero
6a5a8cfee5
Accepting request 1166666 from X11:XOrg
...
- U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch
* fixes regression for security fix for CVE-2024-31083 (bsc#1222312,
boo#1222442, gitlab xserver issue #1659 )
OBS-URL: https://build.opensuse.org/request/show/1166666
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=430
2024-04-11 17:40:24 +00:00
7cf27825ed
- U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch
...
* fixes regression for security fix for CVE-2024-31083 (bsc#1222312,
boo#1222442, gitlab xserver issue #1659 )
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=885
2024-04-10 13:25:42 +00:00
Ana Guerrero
7861952257
Accepting request 1164516 from X11:XOrg
...
- Security update 21.1.12
This release addresses the following 4 security issues:
* CVE-2024-31080
* CVE-2024-31081
* CVE-2024-31082
* CVE-2024-31083
Additionally it provides a way to disable byte-swapped clients either by
command line flag or config option. This allows to turn off byte swapping
code that has been a source of security problems lately.
OBS-URL: https://build.opensuse.org/request/show/1164516
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=429
2024-04-04 20:24:46 +00:00
25a7aa1fcd
- Security update 21.1.12
...
This release addresses the following 4 security issues:
* CVE-2024-31080
* CVE-2024-31081
* CVE-2024-31082
* CVE-2024-31083
Additionally it provides a way to disable byte-swapped clients either by
command line flag or config option. This allows to turn off byte swapping
code that has been a source of security problems lately.
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=883
2024-04-04 08:26:50 +00:00
Ana Guerrero
ea487cfa07
Accepting request 1151681 from X11:XOrg
...
OBS-URL: https://build.opensuse.org/request/show/1151681
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=428
2024-02-27 21:44:47 +00:00
b5c8d1679f
Accepting request 1151307 from home:dimstar:rpm4.20:x
...
Prepare for RPM 4.20
OBS-URL: https://build.opensuse.org/request/show/1151307
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=881
2024-02-26 13:55:25 +00:00
Ana Guerrero
f0d4ba78c8
Accepting request 1148344 from X11:XOrg
...
- fix permissions of files in xorg-x11-server-source for tigervnc
build later (needed since latest autoconf)
- Provide again xorg-x11-server-source
* xwayland sources are not meant for a generic server.
* https://github.com/TigerVNC/tigervnc/issues/1728
- Stop providing xorg-x11-server-source from xorg-x11-server
* Now the sources are provided by xwayland because it is more updated.
* Fixes bsc#1219892.
OBS-URL: https://build.opensuse.org/request/show/1148344
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=427
2024-02-23 15:40:13 +00:00
acf968d516
- fix permissions of files in xorg-x11-server-source for tigervnc
...
build later (needed since latest autoconf)
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=879
2024-02-20 20:40:13 +00:00
041c8cf369
Accepting request 1146918 from home:jtorres:branches:X11:XOrg
...
- Provide again xorg-x11-server-source
* xwayland sources are not meant for a generic server.
* https://github.com/TigerVNC/tigervnc/issues/1728
OBS-URL: https://build.opensuse.org/request/show/1146918
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=878
2024-02-15 18:36:36 +00:00
31a9dd9b98
Accepting request 1146793 from home:jtorres:branches:X11:XOrg
...
- Stop providing xorg-x11-server-source from xorg-x11-server
* Now the sources are provided by xwayland because it is more updated.
* Fixes bsc#1219892.
OBS-URL: https://build.opensuse.org/request/show/1146793
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=877
2024-02-15 11:54:17 +00:00
Ana Guerrero
e61d5aaba0
Accepting request 1146120 from X11:XOrg
...
- Release 21.1.11 also covers fixes for security issue CVE-2022-46340
and bug numbers bsc#1205874, bsc#1217765
- Release 21.1.11 covers fixes for the following bug numbers, which
are not mentioned in this changelog before: bsc#1218845,
bsc#1218846, bsc#1216261, bsc#1216133, bsc#1216135
- Release 21.1.11 supersedes the following patches still used with
xorg-x11-server 21.1.4 on sle15-sp5/Leap 15.5 and not mentioned in
this changelog as superseded before:
* U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch
* U_bsc1216133-mi-reset-the-PointerWindows-reference-on-screen-swit.patch
* U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch
* U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch
* U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
* U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch
* bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch
* bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch
* bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch
* bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch
* bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch
* bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch
* bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch
* U_bsc1218845-glx-Call-XACE-hooks-on-the-GLX-buffer.patch
* U_bsc1218846-ephyr-xwayland-Use-the-proper-private-key-for-cursor.patch
- xserver sources of this release fixes segfault in Xvnc (bsc#1219311)
OBS-URL: https://build.opensuse.org/request/show/1146120
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=426
2024-02-12 17:51:07 +00:00
670f3724ce
- Release 21.1.11 also covers fixes for security issue CVE-2022-46340
...
and bug numbers bsc#1205874, bsc#1217765
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=875
2024-02-12 10:05:11 +00:00
2e97444477
- Release 21.1.11 covers fixes for the following bug numbers, which
...
are not mentioned in this changelog before: bsc#1218845,
bsc#1218846, bsc#1216261, bsc#1216133, bsc#1216135
- Release 21.1.11 supersedes the following patches still used with
xorg-x11-server 21.1.4 on sle15-sp5/Leap 15.5 and not mentioned in
this changelog as superseded before:
* U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch
* U_bsc1216133-mi-reset-the-PointerWindows-reference-on-screen-swit.patch
* U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch
* U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch
* U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
* U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch
* bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch
* bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch
* bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch
* bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch
* bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch
* bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch
* bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch
* U_bsc1218845-glx-Call-XACE-hooks-on-the-GLX-buffer.patch
* U_bsc1218846-ephyr-xwayland-Use-the-proper-private-key-for-cursor.patch
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=874
2024-02-11 10:31:45 +00:00
a80075e194
- xserver sources of this release fixes segfault in Xvnc (bsc#1219311)
...
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=873
2024-02-09 20:19:15 +00:00
Ana Guerrero
974b5eefd5
Accepting request 1142261 from X11:XOrg
...
- no longer (build-)require obsolete Xprint/XprintUtil
OBS-URL: https://build.opensuse.org/request/show/1142261
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=425
2024-01-30 17:23:54 +00:00
17a63689f9
- no longer (build-)require obsolete Xprint/XprintUtil
...
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=871
2024-01-29 13:10:06 +00:00
Ana Guerrero
9e7dfe9bf7
Accepting request 1139223 from X11:XOrg
...
- Update to version 21.1.11
* This release contains fixes for the issues reported in today's security
advisory: https://lists.x.org/archives/xorg/2024-January/061525.html
* CVE-2023-6816 (bsc#1218582)
* CVE-2024-0229 (bsc#1218583)
* CVE-2024-21885 (bsc#1218584)
* CVE-2024-21886 (bsc#1218585)
* CVE-2024-0408
* CVE-2024-0409
- supersedes the following patches
* U_xephyr-Don-t-check-for-SeatId-anymore.patch
* U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
* U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
OBS-URL: https://build.opensuse.org/request/show/1139223
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=424
2024-01-17 21:15:03 +00:00
eac62a3a3b
- Update to version 21.1.11
...
* This release contains fixes for the issues reported in today's security
advisory: https://lists.x.org/archives/xorg/2024-January/061525.html
* CVE-2023-6816 (bsc#1218582)
* CVE-2024-0229 (bsc#1218583)
* CVE-2024-21885 (bsc#1218584)
* CVE-2024-21886 (bsc#1218585)
* CVE-2024-0408
* CVE-2024-0409
- supersedes the following patches
* U_xephyr-Don-t-check-for-SeatId-anymore.patch
* U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
* U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=869
2024-01-16 14:20:49 +00:00
Ana Guerrero
4ac071937a
Accepting request 1137765 from X11:XOrg
...
- u_miCloseScreen_check_for_null_pScreen_dev_private.patch
* miCloseScreen check for null pScreen dev private (bsc#1218176);
another regression introduced by
U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
OBS-URL: https://build.opensuse.org/request/show/1137765
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=423
2024-01-10 20:51:05 +00:00
Dominique Leuenberger
b0f021b69e
Accepting request 1137260 from X11:XOrg
...
- n_xserver-optimus-autoconfig-hack.patch
u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
u_xfree86-activate-GPU-screens-on-autobind.patch
* check dixPrivateKeyRegistered(rrPrivKey) before calling
rrGetScrPriv() to avoid xserver crash when Xinerama is enabled
(boo#1218240)
-------------------------------------------------------------------
OBS-URL: https://build.opensuse.org/request/show/1137260
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=422
2024-01-07 20:39:07 +00:00
678de8e366
- u_miCloseScreen_check_for_null_pScreen_dev_private.patch
...
* miCloseScreen check for null pScreen dev private (bsc#1218176);
another regression introduced by
U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=866
2024-01-06 20:07:07 +00:00
605942037e
- n_xserver-optimus-autoconfig-hack.patch
...
u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
u_xfree86-activate-GPU-screens-on-autobind.patch
* check dixPrivateKeyRegistered(rrPrivKey) before calling
rrGetScrPriv() to avoid xserver crash when Xinerama is enabled
(boo#1218240)
-------------------------------------------------------------------
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=865
2024-01-06 15:21:02 +00:00
Ana Guerrero
8dca7e3f1a
Accepting request 1132834 from X11:XOrg
...
- U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
* Out-of-bounds memory write in XKB button actions (CVE-2023-6377,
ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765)
- U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
* Out-of-bounds memory read in RRChangeOutputProperty and
RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561,
bsc#1217766)
OBS-URL: https://build.opensuse.org/request/show/1132834
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=421
2023-12-14 21:02:29 +00:00
cdc2ed918d
Added missing fixes on U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch.
...
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=863
2023-12-13 10:09:44 +00:00
d3adf84eb2
- U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
...
* Out-of-bounds memory write in XKB button actions (CVE-2023-6377,
ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765)
- U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
* Out-of-bounds memory read in RRChangeOutputProperty and
RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561,
bsc#1217766)
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=862
2023-12-13 09:18:18 +00:00
Ana Guerrero
28b3701e72
Accepting request 1120244 from X11:XOrg
...
- Update to version 21.1.9
* This release contains fixes for CVE-2023-5367, CVE-2023-5380
and CVE-2023-5574 as reported in today's security advisory:
https://lists.x.org/archives/xorg-announce/2023-October/003430.html
- adjusted u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch
OBS-URL: https://build.opensuse.org/request/show/1120244
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=420
2023-10-25 16:02:08 +00:00
f2b0c39e9f
* This release contains fixes for CVE-2023-5367, CVE-2023-5380
...
and CVE-2023-5574 as reported in today's security advisory:
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=860
2023-10-25 12:08:03 +00:00
5df1139ec3
- Update to version 21.1.9
...
* This release contains fixes for CVE-2023-5367 and CVE-2023-5380 as
reported in today's security advisory:
https://lists.x.org/archives/xorg-announce/2023-October/003430.html
- adjusted u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=859
2023-10-25 11:29:21 +00:00
Dominique Leuenberger
b8eaf40ba1
Accepting request 1076666 from X11:XOrg
...
OBS-URL: https://build.opensuse.org/request/show/1076666
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=419
2023-04-02 17:16:56 +00:00
2444a577fa
Accepting request 1076665 from home:iznogood:branches:X11:XOrg
...
Tweak .changes entry from my previous sub - add CVE...
OBS-URL: https://build.opensuse.org/request/show/1076665
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=857
2023-04-01 18:44:04 +00:00
648f5c3fe3
Accepting request 1076650 from home:iznogood:branches:X11:XOrg
...
- Update to version 21.1.8:
* composite: Fix use-after-free of the COW
* xkbUtils: use existing symbol names instead of deleted
deprecated ones
- Drop U_xserver-composite-Fix-use-after-free-of-the-COW.patch:
Fixed upstream
- Switch back to tarball release, drop source service, add keyring
and sig files.
OBS-URL: https://build.opensuse.org/request/show/1076650
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=856
2023-04-01 17:59:31 +00:00
Dominique Leuenberger
5f4493c278
Accepting request 1075267 from X11:XOrg
...
This can be checked in now https://lists.x.org/archives/xorg-announce/2023-March/003374.html
- U_xserver-composite-Fix-use-after-free-of-the-COW.patch
* overlay window use-after-free (CVE-2023-1393, ZDI-CAN-19866,
bsc#1209543)
OBS-URL: https://build.opensuse.org/request/show/1075267
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=418
2023-03-30 20:50:52 +00:00
d2f12e3cf3
- U_xserver-composite-Fix-use-after-free-of-the-COW.patch
...
* overlay window use-after-free (CVE-2023-1393, ZDI-CAN-19866,
bsc#1209543)
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=854
2023-03-29 13:38:58 +00:00
Dominique Leuenberger
b7578ba345
Accepting request 1063640 from X11:XOrg
...
- Update to version xorg-server-21.1.7:
* This release contains the fix for CVE-2023-0494 in today's security
advisory:
https://lists.x.org/archives/xorg-announce/2023-February/003320.html
It also fixes a second possible OOB access during EnqueueEvent and a
crasher caused by ResourceClientBits not correctly honouring the
MaxClients value in the configuration file.
- supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch,
U_xorg-server-oob-read-enqueue-event.patch
- U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch
* DeepCopyPointerClasses use-after-free (CVE-2023-0494,
ZDI-CAN-19596, bsc#1207783)
OBS-URL: https://build.opensuse.org/request/show/1063640
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=417
2023-02-08 16:19:52 +00:00
8832186295
- Update to version xorg-server-21.1.7:
...
* This release contains the fix for CVE-2023-0494 in today's security
advisory:
https://lists.x.org/archives/xorg-announce/2023-February/003320.html
It also fixes a second possible OOB access during EnqueueEvent and a
crasher caused by ResourceClientBits not correctly honouring the
MaxClients value in the configuration file.
- supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch,
U_xorg-server-oob-read-enqueue-event.patch
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=852
2023-02-07 14:51:52 +00:00
ac6d09dc19
- U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch
...
* DeepCopyPointerClasses use-after-free (CVE-2023-0494,
ZDI-CAN-19596, bsc#1207783)
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=851
2023-02-07 02:58:41 +00:00
Dominique Leuenberger
d6612caf84
Accepting request 1060975 from X11:XOrg
...
- rename u_xorg-server-oob-read-enqueue-event.patch to
U_xorg-server-oob-read-enqueue-event.patch since it's already
upstream
- Add u_xorg-server-oob-read-enqueue-event.patch: fix an
out-of-bounds read in EnqueueEvent.
OBS-URL: https://build.opensuse.org/request/show/1060975
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=416
2023-01-26 12:57:05 +00:00
130596bd3a
fixed patch name in specfile
...
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=849
2023-01-25 16:04:47 +00:00
07094f5b10
- rename u_xorg-server-oob-read-enqueue-event.patch to
...
U_xorg-server-oob-read-enqueue-event.patch since it's already
upstream
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=848
2023-01-25 16:03:15 +00:00
8dd4b14442
Accepting request 1060712 from home:mgorse:branches:X11:XOrg
...
- Add u_xorg-server-oob-read-enqueue-event.patch: fix an
out-of-bounds read in EnqueueEvent.
OBS-URL: https://build.opensuse.org/request/show/1060712
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=847
2023-01-25 15:59:41 +00:00
Dominique Leuenberger
efa6a83d96
Accepting request 1045913 from X11:XOrg
...
OBS-URL: https://build.opensuse.org/request/show/1045913
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=415
2023-01-01 08:38:20 +00:00
810aa51f71
Accepting request 1043805 from home:dirkmueller:Factory
...
- Update to version xorg-server-21.1.6:
* xserver 21.1.6
* Xext: fix invalid event type mask in XTestSwapFakeInput
* xkb: fix some possible memleaks in XkbGetKbdByName
* xkb: proof GetCountedString against request length attacks
* xquartz: Fix some formatting
* XQuartz: stub: Call LSOpenApplication instead of fork()/exec()
- drop the following upstream patches:
U_xkb-proof-GetCountedString-against-request-length-at.patch
U_xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch
- Update to version xorg-server-21.1.5:
* xkb: reset the radio_groups pointer to NULL after freeing it
* Xi: avoid integer truncation in length check of ProcXIChangeProperty
* Xi: return an error from XI property changes if verification failed
* Xext: free the screen saver resource when replacing it
* Xext: free the XvRTVideoNotify when turning off from the same client
* Xi: disallow passive grabs with a detail > 255
* Xtest: disallow GenericEvents in XTestSwapFakeInput
* meson: Don't build COMPOSITE for XQuartz
* xquartz: Move default applications list outside of the main executable
* xquartz: Remove unused macro (X11LIBDIR)
- drop the following upstream patches:
U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch
OBS-URL: https://build.opensuse.org/request/show/1043805
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=845
2022-12-31 12:48:22 +00:00
Dominique Leuenberger
8cc638378f
Accepting request 1042895 from X11:XOrg
...
- U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
* XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283,
bsc#1206017)
- U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch
* Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265,
CVE-2022-46340, bsc#1205874)
- U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
* Xi: return an error from XI property changes if verification
failed (no ZDI-CAN id, no CVE id, bsc#1205875)
- U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
* Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405,
CVE-2022-46344, bsc#1205876)
- U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
* Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381,
CVE-2022-46341, bsc#1205877)
- U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
* Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404,
CVE-2022-46343, bsc#1205878)
- U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
* Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400,
CVE-2022-46342, bsc#1205879)
OBS-URL: https://build.opensuse.org/request/show/1042895
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=414
2022-12-15 18:24:14 +00:00
37722e6dc6
- U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
...
* XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283,
bsc#1206017)
- U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch
* Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265,
CVE-2022-46340, bsc#1205874)
- U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
* Xi: return an error from XI property changes if verification
failed (no ZDI-CAN id, no CVE id, bsc#1205875)
- U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
* Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405,
CVE-2022-46344, bsc#1205876)
- U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
* Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381,
CVE-2022-46341, bsc#1205877)
- U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
* Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404,
CVE-2022-46343, bsc#1205878)
- U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
* Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400,
CVE-2022-46342, bsc#1205879)
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=843
2022-12-14 10:48:59 +00:00
Dominique Leuenberger
810b863b86
Accepting request 1034269 from X11:XOrg
...
- Release 21.1 covers bugfixes and JIRA tickets for bsc#1176015,bsc#1182510,bsc#1182884,bsc#1184072,bsc#1184543,bsc#1184906,bsc#1186092,bsc#1188970,bsc#1194159,bsc#1196577,bsc#1197046,bsc#1197269,bsc#1200076,fdo#574,jsc#SLE-18653,jsc#SLE-8470
OBS-URL: https://build.opensuse.org/request/show/1034269
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=413
2022-11-08 09:53:43 +00:00
b449042e84
- Release 21.1 covers bugfixes and JIRA tickets for bsc#1176015,bsc#1182510,bsc#1182884,bsc#1184072,bsc#1184543,bsc#1184906,bsc#1186092,bsc#1188970,bsc#1194159,bsc#1196577,bsc#1197046,bsc#1197269,bsc#1200076,fdo#574,jsc#SLE-18653,jsc#SLE-8470
...
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=841
2022-11-07 15:26:36 +00:00
Dominique Leuenberger
1e0cfa540d
Accepting request 1034184 from X11:XOrg
...
- Release 21.1 supersedes the following patches still used with
xorg-x11-server 1.20.3 on sle15-sp4/Leap 15.4:
* U_0002-DRI2-Add-another-Coffeelake-PCI-ID.patch
* U_0002-Fix-crash-on-XkbSetMap.patch
* U_0003-Fix-crash-on-XkbSetMap.patch
* U_0003-dri2-Sync-i965_pci_ids.h-from-mesa.patch
* U_0004-dri2-Set-fallback-driver-names-for-Intel-and-AMD-chi.patch
* U_0005-dri2-Sync-i965_pci_ids.h-from-mesa-iris_pci_ids.h.patch
* U_build-glx-Lower-gl-version-to-work-with-libglvnd.patch
* U_glamor-Make-pixmap-exportable-from-gbm_bo_from_pixma.patch
* U_hw_do-not-include-sys-io-with-glibc.patch
* U_meson-Fix-another-reference-to-gl-9.2.0.patch
* U_modesetting-Fix-broken-manpage-in-autoconf-build.patch
* U_present-wnmd-Fix-use-after-free-on-CRTC-removal.patch
* U_present-wnmd-Relax-assertion-on-CRTC-on-abort_vblank.patch
* U_xfree86-Change-displays-array-to-pointers-array-to-f.patch
* U_xfree86-Fix-NULL-pointer-dereference-crash.patch
* U_xkbsetdeviceinfo.patch
* u_sync-pci-ids-with-Mesa-21.2.4.patch
* u_xf86-Accept-devices-with-the-simpledrm-driver.patch
* u_xichangehierarchy-CVE-2020-14346.patch
* u_xkb-CVE-2020-14345.patch
* u_xkb-CVE-2020-14360.patch
OBS-URL: https://build.opensuse.org/request/show/1034184
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=412
2022-11-07 14:55:55 +00:00
eddda1e7f0
No relevant changes
...
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=839
2022-11-07 12:36:09 +00:00
ba3c661154
- Release 21.1 supersedes the following patches still used with
...
xorg-x11-server 1.20.3 on sle15-sp4/Leap 15.4:
* U_0002-DRI2-Add-another-Coffeelake-PCI-ID.patch
* U_0002-Fix-crash-on-XkbSetMap.patch
* U_0003-Fix-crash-on-XkbSetMap.patch
* U_0003-dri2-Sync-i965_pci_ids.h-from-mesa.patch
* U_0004-dri2-Set-fallback-driver-names-for-Intel-and-AMD-chi.patch
* U_0005-dri2-Sync-i965_pci_ids.h-from-mesa-iris_pci_ids.h.patch
* U_build-glx-Lower-gl-version-to-work-with-libglvnd.patch
* U_glamor-Make-pixmap-exportable-from-gbm_bo_from_pixma.patch
* U_hw_do-not-include-sys-io-with-glibc.patch
* U_meson-Fix-another-reference-to-gl-9.2.0.patch
* U_modesetting-Fix-broken-manpage-in-autoconf-build.patch
* U_present-wnmd-Fix-use-after-free-on-CRTC-removal.patch
* U_present-wnmd-Relax-assertion-on-CRTC-on-abort_vblank.patch
* U_xfree86-Change-displays-array-to-pointers-array-to-f.patch
* U_xfree86-Fix-NULL-pointer-dereference-crash.patch
* U_xkbsetdeviceinfo.patch
* u_sync-pci-ids-with-Mesa-21.2.4.patch
* u_xf86-Accept-devices-with-the-simpledrm-driver.patch
* u_xichangehierarchy-CVE-2020-14346.patch
* u_xkb-CVE-2020-14345.patch
* u_xkb-CVE-2020-14360.patch
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=838
2022-11-07 11:50:33 +00:00
Dominique Leuenberger
ffe2ae973d
Accepting request 1032921 from X11:XOrg
...
- removed N_Disable-HW-Cursor-for-cirrus-and-mgag200-kernel-modules.patch
* meanwhile cirrus and mgag200 Kernel drivers have been rewritten
multiple times and no longer have (broken) hardware cursor
- u_xf86-Accept-devices-with-the-kernels-ofdrm-driver.patch
* Add workaround to support ofdrm
OBS-URL: https://build.opensuse.org/request/show/1032921
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=411
2022-11-03 18:13:40 +00:00